G F NCTDE - Mission Convergence

missionconvergence.org

G F NCTDE - Mission Convergence

ProjectDocument for SCMA-VolumeI6.16.26.36.46.56.66.76.86.96.10ANNEXUREANNEXUREANNEXUREANNEXUREANNEXUREANNEXUREANNEXUREANNEXUREE 1 – ESTIMATE 2 – LIST OF GE 3 – EXPECTE 4 – EXPECTE 5 – EXPECTE 6 – EXPECTE 7 – EXPECTE 8 – PERFORANNEXURE 9 – IMPLEMANNEXURE 10 – LOCATED NUMBER OF ENTITLEMENT HOLDERSGOVERNMENTSCHEMES WITH BUDGETED OUTLAY FOED PERFORMANCE REQUIREMENTS IN DELIVERING SEED PERFORMANCE REQUIREMENTS FROM APPLICATION AND PLATED PERFORMANCE REQUIREMENTS FROM HARDWAREED PERFORMANCE REQUIREMENTS FROM NETWORK .ED PERFORMANCE REQUIREMENTS OF PEOPLE ARCHITECTURE ...RMANCE METRICS IN OPERATIONS AND MAINTENANCEMENTATION SCHEDULE ......................... ....................................................... 888ATIONS WHERE INFRASTRUCTURE NEEDSTO BE PROVS ..................................................... 75OR FY2008-09.............. 76ERVICES....... ................ 78TFORM ...... 79E ................................. 81................................... 83................ 84E .................................. 85VIDED ........................... 894


ProjectDocument for SCMA- Volume IGLOSSARYCAMSCCTCOTSDCEOIGNCTDGOIGRCISDNISMSISOITSMMCMRZNGOOEMPINPMURDBMSRFQSAMSCMSCMASISRSSSSTINVIZCard & Application Management SystemConditional Cash TransferComponent Off the ShelfDistrictt CommissionerExpression of InterestGovernment of National Capital Territory DelhiGovernment of IndiaGender Resource CentreIntegrated Services Digital NetworkInformation Security Management SystemInternational Standards OrganisationIT Service ManagementMission ConvergenceMachine Readablee ZoneNon GovernmentOrganisationOriginal Equipment ManufacturerPersonal Identification NumberProgram Management UnitRelational Database Management SystemRequest for QualificationSecurity Authentication ModuleSmart Card ManagementSmart Card Management AgencySystems IntegratorSystemRequirements SpecificationSamajik Suvidha SangamTemporary Identification NumberVisual Identification Zone5


ProjectDocument for SCMA-VolumeIDISCLAIMER1.This document is being publishedin order to enable the applicants to make an offer forthe appointment as a Smart Card Management Agency (SCMA) operating on BOOT(Build OwnOperate Transfer) basis by the Samajik Suvidha Sangam (SSS). SSS hasdecided to tender thisrequirement under the BOOT Model, whichh requires the bidder toinvest for both capitaland operational expenses, including all costs towards Operations,Maintenance, Consumables, etc.2.This document does not constitute nor should it be interpreted as an offer or invitationnfor the appointment of the SCMAdescribed herein.3.This document is meant to provide informationn only andupon the expresssunderstanding that recipients will use it onlyfor the purposes set out above.It does notpurport to be all inclusive or contain all the information about theSCMA or be the basissof any contract. No representation or warranty, expressed or implied, is or will be madeas to the reliability, accuracy or the completeness of any of the informationn containedherein. It shall not be assumed that there shall be no deviation or change inany of theherein mentioned information onthe SCMA. While thisdocumenthas been prepared ingood faith,neither SSS, nor any of their officers or entitlement holdersmake anyrepresentation or warranty or shall have any responsibility or liability whatsoever inrespect of any statements or omissions here from. Any liability is accordingly andexpressly disclaimed by SSS and any of their officers or entitlement holders even if anyloss or damage is caused by any act or omission on the part of SSS or any of their officersor entitlement holders, whether negligent or otherwise.4.By acceptance of this document, the recipient agrees that any information herewith willbe superseded by any subsequent written information on thesame subject madeavailable tothe recipient by or on behalf ofSSS. SSS and any of their respective officersor entitlement holders undertakee no obligation, among others, toprovide the recipientwith accesss to any additional information or to updatethis document or to correct anyinaccuracies therein which may become apparent, and they reserve the right, at anytime and without advance notice, to change the procedure for the selection of or anypart of theinterest orterminatee negotiations or the due diligence process prior to thesigning of any binding agreement.6


ProjectDocument for SCMA-VolumeI5.Accordingly, interested recipients should carry out an independent assessment andanalysis of the requirements andof the information,facts and observations containedherein.6.This document has not been filed, registered or approved in any jurisdiction. Recipientsof this document should inform themselves of and observe any applicable legalrequirements.7.This document constitutes no form of commitment on the part of the SSS. Furthermore,this document confersneither the right nor an expectation on anyparty to participate inthe proposed SCMA appointmentt process.7


ProjectDocument for SCMA-VolumeI1. INTRODUCTION“To provide social justice in the best coordinated wayto ensure that the under‐ privileged and the poor regularly receive welfare servicesfor both sustainablegrowth and eradication of povertythrough convergence of organizing, joining forces, facilitatingand making communities voices heard effectively.”It is anattempt to lay thefoundation for the proper psychological, physicaldevelopment of the poor and unheard communities.and socialSamajikSuvidha Sangam, launched on 14th August 2008, with a vision of having a city whichhoptimizes on its human resources, looking upon them as assets and not liabilities. It wasestablished with the purpose of providing a platform to work towards makinga positivedifference in the lives of millions of people living in the city of Delhi.The mission itself has evolvedfrom deepintrospections of thecollective experiences of variousdepartments of the state of Delhi responsible for implementing welfaree schemes and variousinitiatives. It was recognized that in spite of sincere efforts by these departmentsthere wasduplication of efforts‐ both human and financial resources. They failed to accurately estimateeand track the number of actual entitlement holders, often leading toimproper use of thebenefits, plus having multiple points of servicee delivery made their system even morecomplicated. This also led to the departments fromnot attaining their maximum potential andefficiency.For theneedy citizen, who should have been the entitlement holder of the Government’swelfaree thinking, such a situation translated intohardship of runningendlesslyto variousgovernment Departments asthere were no converging nodes close tothe pointof serviceedelivery. The most vulnerable also lacked the capacity to engage with the Government andfollow complex procedures toaccess entitlements.Therefore, there was a pressing needto simplify government procedures, increase interdepartmental coordination and information sharing, enhancee effectiveness of service deliveryat the grass root level, and increase citizen involvement. Government ofDelhi (GNCTD) was ofthe viewthat it needs to reorient its strategic thinking with respect to implementation of social8


ProjectDocument for SCMA-VolumeIsector programs in order toimprove the qualityof life ofits citizens especially the mostvulnerable and disadvantagedd sections of the city.The initiation of the SANGAMMission aims at convergence ofvarious departmental efforts forbringingg about constructive change in the lives ofthe urbanpoor communities itintends tosimplifymechanisms of government schemes, enhance andincrease citizen’s involvement.MissionConvergence attempts to tackle this through a multi‐pronged, a multi‐disciplinaryyof the state ofconvergence of services covering welfare schemes of the following departmentsDelhi‐ooooooooooHealth & Family Welfare DepartmentEducation DepartmentWomen & Child Development Department.Social WelfareFood and Civil SuppliesLaborUrban DevelopmentSC&ST /OBC/Minority// Backward Class Welfare Dept.Delhi SC,ST,OBC, Minorities andHandicapped Finance and Development CorporationLtd.(DSFDC)Divisional Commissioner Office1.1 GooGOALS & OBJECTIVES OF MISSION CONVERGENCEInadequate accesss or lack of availability of various welfaree and social services affects thelivelihoods and life expectancy of thepoor. Mission Convergence attempts to tackle thisthroughh a multi‐pronged, a multi‐disciplinary convergence of services covering welfare schemesssuch ashealth, education, nutrition, social security, employment, gender equity, pension andempowerment of communities.To make services available and accessible to the poorest ofpoor, Government of Delhi hasdecided‐To enhancee the visibility of schemes and sensitize the communities to theirrights vis avis the schemes and benefits; hence Eradicating extreme poverty, hunger and achieveeuniversal elementary educationTo enhancee the influence of thecommunity over theWelfare schemes byimprovingtracking mechanisms,increasing accountability and increasing local participation; henceeachieving Social Inclusion.9


ProjectDocument for SCMA-VolumeIoooooooTo promotegender equality and empower women as well as reduce child mortality andImprove maternal health.Reaching out to thoseat the bottom of thepyramid, empowering the underprivileged,thus giving a voice to the unheard.To increasee accessibility to services by creating a single window for accessing Welfare.Schemes, also using biometrics for verification and smart cards for effectivee delivery ofservices.To strengthen the Organisations(GRC/NGOs/ Government Line Dept) and its processessrelated to prompt service delivery;To ensure and optimize resource utilization, Good Governancee and Effective use oftechnologyfor empowering citizens.To create a uniform system to ensure availability information to all the stakeholdersbrining about complete transparency.1.2 EMPOWERMENT THROUGH E‐GOVERNANCEThe Mission seekss to use information and communication technology toprovide and improvegovernment services, transactions andinteractions with citizens, aswell as making theinstitutional processes and mechanismss of welfaree schemes citizen‐friendly, transparent, andefficient.Benefits of e‐GovernanceThe benefits of establishing an electronicc system would be visible in:o Strengthening of the services delivery systemo Empowerment of the communityThe strengtheningof the IT Infrastructure and Information Management would:ooooIncrease the accessibility of information to target entitlement holders.Accelerate the flow ofinformation between different nodes and cut down thetime lag.Reduce theprobabilityof information loss and distortion.Cut acrosss the traditional and organizational barriers to information flow such ashierarchy and bureaucracy.Information Technology as a Backbone for ConvergenceIn order to address issues pertaining Lack of information,Lack of transparency, Elaborateprocedures and paper work involved, Difficulty in identification of the entitlement holder and10


ProjectDocument for SCMA-VolumeIcompletion of paper work ,Mission Convergenceis strengthening the mechanismm of serviceedeliveryby instituting three key components:oooAn efficientInformation Management System with a centralized Data Repository.Connectingall Servicee Delivery points across the state with Computers and Networks –all cascading into a Centralized Hub to manage Information Flow.A Smart Card based electronic entitlement//E‐benefit card systemMissionConvergence’s dependence on Technology as the Prime enabler for deliveryof servicessis critical. The prime hub of Technologywould beresiding at the Mission Convergence DataaCenter that is going to be hosted by National Informatics Center. MissionConvergence intendsto havea portal for information dissemination and publishing MIS, theapplication softwarewould enable the service delivery points to reachout to the entitlement holdersThis DataaCenter would formthe hub from which all the applications and the portal would beaccessibleesecurely. All Data intelligencee activities would also be residingat this data center and would bepublishing desired information from the data centrally available here.It would be important to create a uniform systemwhich is available toall. One of the basicrequirements for the convergence would be to develop a reliable database for the targetedfamilies. A centralized data bank on all entitlementt holders would exist from which the data ofindividuals and ofthe familywill be retrieved. Collection of such data and storage after duevalidation would ensure identificationof the appropriate entitlementholder, designing theschemes for the targeted groups, effective co‐ordination and appropriatemonitoringto achieveethe desired objective.The resource centers which would be the Citizen touchpoints (GRC, DRC – Refer Annexure 1) atthe grass‐root level, District Resourcee Centers at the District Level for Implementationnassistance and a Project ManagementUnit at thetop for overall coordination and deliveryexecution, are being IT Enabled with a comprehensive Software package that wouldstrengthennthe services delivery to the right entitlement holders and connected to a central server tofacilitate the flow of information for MISreporting purposes.Additionally, the workflow and information flow between the above agencies would preventduplication of efforts, documentation and forms.The transformations occurring are unique and unprecedented in many ways and have thepotential to reachthose who hithertohave been marginalized fromthe decision‐makingprocesses.11


ProjectDocument for SCMA-VolumeIThe first two components ofthe system.i., the Workflow Application & the WebPortal arealreadyunder developmentthrough a Systems Integratorr contracted by SSS. It was feltprudent to keepthe Smart Cards and related servicess separatee and a Smart CardManagement Agency specializing in thisarea be appointed separately.It would be this agency’s role to buildand deploy the Schemes Management and DeliveryApplications, Smart Card related applications and services towork withthe Missions alreadycontracted Systems Integrator and work closely to integratee this system with Smart Cards,Banks and also operate the Smart Card related Enrollment, Personalisation, Issuance and HelpDesk services for a period of five years from the date of the award of thecontract.1.3 BBANKING SERVICESThe Mission seekss to open a ‘No Frills’bank account as perRBI’s policy for the EntitlementHoldersunder various social schemes operated by the line departmentsof the GNCTD. The ‘nofrills’ account shall work either with nil or very minimal balances as well as low service chargesas stipulated by the RBI guidelines.Cash Benefits provided by theState to these entitlement holders shall be transferreddirectly totheir ‘NoFrills’ accounts from where the cash can bewithdrawnas and when required.Wherever the entitlement holder doesnot have an existing bank account a new‘no frills’account would be opened and serviced by the Banking partner.In case the Entitlement holders alreadyhave a Bank Accountand yet wishes to open another‘no frills’ bank account for receiving cash benefits from the GNCTDunder the schemesscoveredby the MC program – a new ‘no frills’ account wouldbe opened and serviced by theBankingpartner.In case the Entitlement holders alreadyhave a Bank Account‐ does not wish to open anotherbank account – and wishes touse his/her existing account forreceiving cash benefits from theGNCTD under theschemes covered bythe MC program – transfer ofcash benefits to theexistingaccount would be managed by the Bankingpartner.12


ProjectDocument for SCMA-VolumeIThe Banking partner of the SCMA shall ensure theprovision of bankingservices as describeddabove to all entitlement holders for the duration of the contract. Itshall further ensureeproper coverage inthe NCT so as to ensure that every entitlement holder opening an accountwith the banking partner has an accesss to a Bankbranch oran Agent close to their place ofstay.The banking partner can tie up with the GRC’s to provide banking services from these locationson a priority basis if required. The banking partner shall use the Businesss Correspondent modelto deliver doorstepdelivery incase of old age pensioners, physically challenged, or other similarcategories as defined by SSS.1.4 SCMA FUNCTIONS ANDSERVICE OBLIGATIONS1.4.1.1.4.2.1.4.3.1.4.4.1.4.5.1.4.6.1.4.7.1.4.8.1.4.9.The complete end‐to‐end card management services shall be centralized andperformed by the SCMA. Alll recordkeeping, administrationand customer serviceefunctionsrelated to Smart Cards forall entitlement holders under MissionConvergence shall be performed by the SCMA. The operationalisationof the newsystem inaccordance with the core principles rests on the ability of the SCMA toefficientlyand accurately discharge its responsibilities.The SCMAshall automate the internal workflows of the identified line departments asseparate sub‐systems, wherever required.The SCMA shall automate the completee Service Delivery process for the defineddschemes of the identified line departments, whereverr required.The SCMA shall integrate the sub‐systems as defined above into a single AutomatedSystem for the GNCTD.The SCMA shall provide, implement and managea tried and testedCard andApplications Management System (CAMS) as per therequirements of SSS. The CAMSshould behighly flexible and should be able to cater to the growing needs of SSS.The SCMAshall also provide, implement and manage(on SSS’s behalf) an efficient KeyManagement System(KMS) that can properly manage the Multi‐application natureand requirements of the Suvidha Smart Cards. All SAM Cards required shall also besupplied.The SCMA shall also provide, implement and manage an efficientBiometricManagement Systemthat would be the prime identifier of the Mission Convergence’sentitlement holders.The SCMAshall create the Application & Data Structures for themulti‐application cardas visualized by SSS.The SCMA shall alsoprovide the Enrollment application for enrolling the entitlementholders. The Enrollment application shall also do a live capture of the photographs,signatures and fingerprints of the entitlement holders along with his/her personal13


ProjectDocument for SCMA-VolumeI1.4.10.1.4.11.1.4.12.1.4.13.1.4.14.1.4.15.1.4.16.1.4.17.1.4.18.1.4.19.1.4.20.1.4.21.1.4.22.1.4.23.data. Theenrollment application shall also have an authorization module that wouldrun in both manual mode as well as auto mode (where authorizationcriteria aredynamically matched).System would be using the basic electronic data baseof vulnerable createdby SSS andcapturingadditional information whereverr required.The SCMAshall be responsible for on‐site personalization and issuance of the Suvidhacards to the entitlement holders. This should be done immediately after enrollmentand authorization.The SCMA shall also be responsible for creating the Middleware software to pre‐personalize, personalize, activate and issue SuvidhaCards. This middleware shall beintegrated into the Workflow application already being built bySystem Integrator (SI)of SSS.The SCMA shall beresponsible for creating the Middleware software for CardManagement processesThe SCMA shall also be responsible for creatingthe Middleware software forTransaction Management processesThe SCMAshall alsobe responsible for creating the Application for Handheld/desktopmobile/fixed non‐PCTerminals wherever required.The SCMA shall be putting into place an effective automated Help Desk system formanagingg all queries/ complaints related to the Smart Cards.The SCMA shall ensure that the SuvidhaCards arefully integrated with the Bankaccounts of the entitlement holders.The SCMAmust ensure adherence to RBI guidelines for use of Smart Card.(The bankhas a keyrole in thesuccess ofthis project by ensuring deliveryof financial assistanceprovided by GNCTD under various schemes in a timely and convenient manner subjectto the best practicesand guidelines of the Reserve Bank of India.)The SCMAshall be responsiblefor openinga bank account with it’s bankingpartner forall identified Entitlement‐holders. The basic details of entitlement‐holders will besynchronized with the central database of SSS.The SCMA application must ensure unique identification of Entitlement‐holders priorto any financial transaction. Transfer of funds to the account of an Entitlement‐holderas per details / guidelines of each schemee must be carried out as per the instructionssof SSS. The Banking partner shall transfer the specified amounts intothe bankaccounts of Entitlement‐holders by the date of disbursement intimated by GNCTDThe SCMA/banking partner shall provide a facility fordoorstep banking forthe elderly(age > 70years), pregnant women and physically challenged citizens forwhich theSCMA/partner bank will create and maintain a network of Customer Servicee Points.The SCMAbanking partner is encouraged to permit normal credit/debit card facilitieson the smart card after prior approval fromGNCTD.The banking partnerr will acceptmoney from GNCTD under various schemess by Chequeeand ECS depending upon the mode of transfer identified by the line department of theState Government and the SCMA will reconcile accounts with District Collectors basedon guidelines that will be communicated to the successful bidder.14


ProjectDocument for SCMA-VolumeI1.4.24.1.4.25.1.4.26.1.4.27.1.4.28.1.4.29.1.4.30.1.4.31.1.4.32.The SCMA bankingpartner must appoint Business Correspondents for doorstepbanking and the bank is encouraged to consider existing GRCs for this role as theycurrentlysupport Mission Convergencein various activities under this project andshould meet the requirementsof a Business Correspondent.The SCMAshall provide all banking services as defined in the RFP. For this purpose theSCMA either has tobe a Bank– or be a consortium with a Bank beinga memberthereof.The SCMA is expected to workvery closely with theSI appointed by SSS and ensureeseamless integration betweenthe two systems. The Integration activity shall bespearheaded by the PMU at SSS.The SCMA shall obtain a RID code for these smartcards on behalf of GNCTD andefficientlymanage the inventory of blank Smart Cards. The SCMA shall be deemed tobe the custodian of these cardson behalf of the GNCTD and shall be held accountablefor any loss and defacing or anyother damage to these cards. A separate inventory fordamaged, defective and returned cards shall also be maintained on a real time basis.The SCMA system shall record details of all benefitsdelivery related transactions onthe Smart Cards..The SCMAwill be responsible for generating MIS required by GNCTD.The SCMAwill provide periodicconsolidated card managementstatementss to SSS anddischargesuch other duties andfunctions related to Smart Cardoperations as may bedetermined by the guidelines, directions and regulations issuedby the SSSS from timeto time.The SCMA will be required to provide electronic interconnectivity to theSSS, otherservice providers. The SCMA will also be expectedto offer a number of servicessdirectly to individual entitlement holders including card status, On‐card storedentitlement details and consumption details and other servicess as decidedd during theSRS phase. This facility will need to be able to adapt to future changes includingchanges on accountof technology advancements,changes in system specificationsincludingnumber of entitlement holders, number of on‐card Applications andschemes,and services and functional obligations prescribed by the SSS.To provide all Servers, Workstations, Storage, Networking, Smart Cards readers, SmartCard Terminals, Biometrics Hardware andany other related hardware toefficientlydischargeits duties to the GNCTD under this programand as has been defined in theRFP.The ownership rights and all other rights relating to ownership of all the Software used,record/ /records, data and information whether in electronic or physicalform or inany otherform obtained collected and/ /or required to be maintained bythe SCMAshall vestin the SSS.No person other than the SSSS shall haveany ownership rights or any other rights over any dataaor information in the possession of the SCMA. SCMA or any other appointed agency or personshall neither haveany right over such records/data/information nor use it at any stage forcommercial purpose(s). SCMA will not, without the prior permission ofSSS, produce / share15


ProjectDocument for SCMA-VolumeIsuch data or information as evidence or for any other purpose except as required by the dueprocesss of law. Itshall be the responsibility andduty of the SCMA to maintain absoluteconfidentiality of such records/data/information and to produce these as and when called forby the SSS.The selected bidder would build, operate and maintain the necessary SCM system and BankingServicesfor the entitlement holders under Mission Convergence on behalf of GNCTD. However,at the time of expiry of the initial contract the SCMAshall transfer to GNCTD in running state allHardware, Software, record/ /records, data and information whether in electronic or physicalform orin any other form obtained collected and/or required to be maintained by the SCMA toSSS or any other agency that may be appointed by GNCTD.1.5 KKEY STAKEHOLDERSThe keystakeholders of the Mission Convergence Program are as follows:Departments of Government of DelhiSamajik Suvidha Sangam (SSS)Entitlement Holders of the Mission Convergence ProgramSystem Integrator of Mission Convergence AutomationProgram (SI)16


ProjectDocument for SCMA-VolumeI2 SCOPE OF WORK OFSCMAOverview of Requirements:The selected bidder (The SCMA) is expected to buildnecessaryinfrastructure for providing SCM servicess to variousstakeholders. The services, applications andinfrastructure required for this purpose are detailedd in the sub‐sections below.The major roles of the SCMA would be:• Automationof the 9 line Departments identified bySSS wherever such automationneeds to beundertaken for implementationof smart card system.• To establish the compatibility between the existing informationsystems and proposedsmart card solution.• To automate the service delivery points for the various schemes wherever suchautomationdoes not exist as required for smart card operation• To ensure secure Transaction Managementfor all service delivery related transactions.• To Supply Suvidha (Smart) Cards as per the specificationns• To enroll all Entitlement Holders as per the specifications provided leading to thecreation ofa unified Database of the Entitlement Holders under the MC program ofGNCTD.• To provideall Suvidha Cardissuance, hot listing, tracking, etcof the cards.• To integrate Suvidha Cards into the departments Service Delivery related applications aswell as the Workflow application being built by SSS’s System Integrator.• To integrate the Cash based benefits delivery mechanism with thebank accounts of theentitlement holders.• Where suchBank Accounts do not exist ‐ to open such bank accounts and then integrateethem.related Services includes inventory, personalisation,• To provide various banking services to the entitlementholders.2.1 IMMPLEMENTATION OF SCCMIt is proposed thatt the implementationof SCM would be undertaken asunder viz, Building ofinfrastructure, Operations & Maintenance and Supply of Suvidha Smart Cards. The broad scopeof the activities is described below:17


ProjectDocument for SCMA-VolumeI2.1.1 Building of InfrastructureThis involves building necessary IT infrastructure considering the requirements andPerformance Metrics specified in this RFP. This broadly involvesa)b)c)Applicationdevelopmento SRS preparation and sign off by SSSo Application developmentand implementationo User Acceptance TestData Integration (withthe State MC Portal & Bank)o Preparation of Data Integration Strategyo Data IntegrationSetting up of Infrastructureo Developing orscaling up the infrastructuresuch as Data Centre, DisasterRecovery Facility, Network and connectivity, Call Center, Centralized Back Officeandany other related infrastructure.Vendor should take a sign off on completionof each of the activities.SCMA may develop new infrastructure or reuse/scale‐up existing infrastructure. In either casethe SCMA must ensure segregation, security andintegrity of MC Smart Card related data.SCMA should necessarily meet the Performance Metrics as mentioned in the RFP.The application software to be developed must meet all functional requirements asdefined inthis RFP. The Software provided must be certifiedby STQC to ensure itmeets all compliancerequirements.2.1.2 Operation & MaintenanceSubsequent to building infrastructure, SCMA shouldoperate and maintain the SCM system andprovidethe services to stakeholders as mentioned in this RFP. The vendor should take care ofthe requirements as given below:a. Providing services to various stakeholders while meeting the Expected PerformanceeMetricsprovided in this RFP.b. Upgrading the applications and infrastructure based on the requirements from SSSSor changes in government guidelinesc. Expanding the operations based on the needs communicated by SSS18


ProjectDocument for SCMA-VolumeI2.1.3 Supply ofSuvidha Smart CardsThe SCMA would also be responsible for the supply of thespecifications detailed in this RFP. Section 4.2.Suvidha Smart Cardsas per the2.1.4 ProvidingEnrollment ServicesThe Enrollment partner will be responsible for ensuring the capture of all information includingtext, biometrics, etc and follow best practice for the equipment as well as processes adopteddfor the enrollmentof Entitlement Holders for the duration of the contractt2.1.5 ProvidingBanking ServicesWhere the bidder is not a bank, a bank must be partof the bidding consortium.The banking partner will beresponsible for ensuring compliance with RBI guidelines andmanaging funds on behalf of SSS basedon guidelines/instructions applicable for the variousschemes of the GNCTD2.1.6Supply ofSoftware• Automationof Workflows of LineDepartments• Automationof Servicee Delivery Mechanismss under various schemes of the different LineDepartments• Applicationfor Enrollment of Entitlement Holders for the durationof the Contract• Applicationfor Personalisation & Issuance ofSmart Cards across defined locations• Applicationfor ProvideBanking Services as per the FI policy of RBI• Help Desk Management• Card & Application ManagementSystem• Key Management System• Middleware software as may be required to enable secure usage of Smart Cards• Scheme Analyser• System Software such as Operating Systems, Databases, Firewalls, Anti‐virus tools, etc.2.1.7 Supply ofHardwareThe SCMA would also be responsiblefor the supply, installation andmaintenance of thefollowing Smart Card Operations related Hardware thru the duration of the Contract. Theproducts supplied shall be as per the specificationsdefined in this RFP. These are to include:• Supply of Servers, Computers, Printers, Networking components etc. as may be requiredfor the workflow automation of the Line Departments19


ProjectDocument for SCMA-VolumeI• Supply of Smart Cards readers, Signature Tablets, Fingerprint Scanners, CardPersonalisation equipments, etc as may be required for secured Enrollment ofEntitlement Holders and issuanceof SuvidhaSmart Cards to them.• Handheld/desktop Terminals across Service Delivery points to ensure uninterruptedsecure delivery of services to the EntitlemenHolders20


ProjectDocument for SCMA-VolumeI3 D E TAILED R EQUIREMENTSThe primary responsibilityof designing appropriate solution architecture ofthe SCMapplication(s) and providing the servicess in compliance with the Performance Metrics rests withthe selected SCMA. In keeping with this requirement, only the functional and technicalrequirements are specified in this RFP.The principal requirements from the SCMA can be broadlyheads.categorized under the following1. EnrollmentApplication2. Document Management System3. Cards & Application Management System (CAMS)4. Key Management System5. Middleware Application for key Process6. Biometrics Management System7. Line Departments Scheme Management8. SARAL Software9. System Integration Services10. EnrollmentServices11. Banking Services (thruthe Banking Partner)12. Supply of Suvidha Smart Cards13. Supply of Computer Hardware, Terminals and Peripherals14. Applications on Card15. Card Structure16. ApplicationArchitecture17. Infrastructure Architecture18. People ArchitectureAll the systemsoftware licenses shall be procured by the bidder. The system softwarelicenses shall be genuine, perpetual, full use and shouldprovide patches, fixes, securitypatches and updates directly from the OEM for a period of 5 years.Thebidder shall provide with a full use databaselicense during the contract period.All the licensess and support should be in the name of department.For long term sustainability of the MC project, the products used should have well defineddproduct roadmap published by the OEM.21


ProjectDocument for SCMA-VolumeI3.1 ENROLLMENTAPPLICATIONEnrollment application will be required across 125centers toenroll theentitlement holders.The enrolment application will have the address thefollowing requirements:1. Should be able to work independently at occasionally connected locations as theenrolment centers might not be 100% connected to the central datacentre. Also,provision should be available to run this application from Mobile Enrollment camps.2. Should integrate with various devices such as biometric, web cam, scanners etc. and yetshould not be tied to specific client devices such as biometric, webcam, scanners etc.3. As the client needs to interact with variety of devices the client on enrolmentapplicationwill be a smart client application. The client should not use active x or other controls as itmay pose security risk.4. The Application should have aneasy to use interface. In order to make the job ofenrolment officer easier and to boost his/ /her productivity the enrolment applicationclient should support dual displays (TwoMonitors), hardware‐accelerated effects,scalability to different form factors, and interactive dataa visualization.5. Enrolment officers will have enrolment application client installedon their desktop. Theenrolment applicationclient should be ableto communicate withdatabase server. Thecommunication between client and server should be based on HTTP, XML, and SOAP(Web Services).6. Should support local language with transliteration as the information may berequired inEnglish andHindi.7. As enrolment centres might not have online connectivity to the data centre (especially inthe case ofmobile enrollment camps), data from enrolment application atenrolmentcenters should be automaticallytransferredto the data centre once the connectivity isestablished.8. Should have required data processing rules and validations in place.9. Should have role based security.10. Should support automated deployment of enrolment application from central dataacentre location11. SSS alreadyhas a digitized database of families and individuals covered during the door‐to‐door surveys conducted. This data shall be the primary data to be used by theenrollmentapplicationand any gaps found in the information available shalll be filled atthe time ofenrollment.12. The existing databasedoes nothave anybiometric information of the entitlementholders. The Enrollment Application should capture Facial Image as well as all tenfingerprintsof the applicant13. The Enrollment Application shall also be integrated with a robust and securee DocumentManagement System (DMS) toscan andmanage all documents provided by theapplicants during Enrollment andsubsequent applications for any additional schemes.22


ProjectDocument for SCMA-VolumeI14. The enrollment application shall have a multi level authorization process for approval ofan Enrollment Request.3.2 DDOCUMENT MANAGEMENT SYSTEMThe Document Management System shall ensure efficient and secure management of allDocuments that are submitted by the Applicants alongwith their Application forms. The broadhighlights of the DMS are outlined below:1. DMS Solution shouldbe capable of beingdeployedd both in centralized as well asdecentralized deployment model and should support bulk import & exportof data asXML and CSV format2. It should store metadata in RDBMS and electronic content on file system and shouldprovide a single unified platform for both paper & electronic records3. The DMS Solution should providean integrated platformfor Workflow and Web ContentManagement backed with a context sensitive 'Help' Operation4. System should have capability of sending alerts in case storage repository reaches limit5. The DMS should provide searching facilities based upon:a. Anymetadata field (content, author, source, keywords, etc.)b. Provide searchbased on actual content of the documentc. Provide ability to store frequently used searchess as Save Searches6. The DMS solution should not have any limitation on defining custom metadata fields andshould support associating metadata bothto records and folders. Metadata shouldsupport ISOstandardss7. Capable of supportinga hierarchical business classification scheme, with a minimum ofthree levelsbelow theroot level;and must support theuse of varying numbers of levelsat different points inthe classification scheme. System should have capability ofapproving a classification if a change is done.8. Should provide abilityto define retention schedules and holds and should be able tomanage entire lifecycle of the content right from capture till disposal9. Support ‘drag and drop’ and ‘copy and paste' method of manipulating folders andrecords.10. System should providea generic image viewer supporting common file formats like PDF,Word, Excel, etc. and must provide spell check functionn for notes and document title11. System must have provision of electronically signing the documents and should haveredaction functionalityfor permanently burning out sensitive information toadhere toRTI23


ProjectDocument for SCMA-VolumeI12. System should have the abilityof creating adhoc workflows, and defining namingpatterns for folders aswell as record13. System should be capable of sending email alerts and notifications on the variousactions to be performed on the repository14. System should have capabilityof publishing content over websites using HTMLtemplates15. System should provide an imaging/scanning application with no limitation on thenumber of scanning formats16. Provision for multi‐level security access for different access categories and shouldprovide alerts in case of security breaches. It should also provide a detailed andsearchable system audit trail/logs allowing the audit trail facility to be configurable bythe Administrator sothat they can select the events for which information isautomatically stored.3.3 CCARD & APPLICATION MANAGEMENT SYSTEMAt the core of the Suvidha Card there would be the central engine that would be controlling thecomplete smart card related operations.It needsto providea mechanism to manage each phase of theLifecycle of an ID. Lifecycle of anID starts with applicant filling a request, validation of request, textual and graphical dataacapturing, validation and security of captured data, generation of an ID in a secure and anefficient manner as per application, assignment andallocation of an ID to applicant.3.3.1 Key Features of the Card Management SystemConfiguration Management:The Suvidha card CAMS needs various configurationparameterswhich should work seamlessly and provide a great deal of flexibility and control to the IDmanagement system that is expected toevolve over the nextfew months. It requires definingfunctionality of such system and managing roles andusage of system.o It takes care of the application functionality i.e. what all components does thesystem involve.o It also manages the roles and functionality of the each sub system involved in thesystem.Terminals and User to Operate: The system needs various apparatus to performspecific orvarious activities and various users tooperate to enable such systemto perform desireddfunctionality.24


ProjectDocument for SCMA-VolumeIo It would require defining functionality, security, allocationetc. of each terminalin the system i.e. Management of Terminal Lifecycle.o It would be responsible todefine theroles and activities ofeach terminal.o It involves maintaining the Complete lifecycle of the terminal starting fromregistration, Functionalityassignment, Activation / Deactivation of theterminalso It should also incorporateSession managementfor the terminals.o It should manage systemusers for their identification,usage of application,security, tracking and monitoring etc.o Each system user should be identifiedd by a SAM Card in entire system.o Basic functionality of SAM Manager should be to manage the Operator SAMCards being issued to various Operators of eMISfor usage at various phases of itsLifecycle.o It should include Personalization & Issuance ofSAM Cards for the operators ofthe system.o SAMCard Manager should track and monitor completee lifecycle of the SAMCards.Managing Identity: System should manage the information ofID as generated and assigned byit. System should facilitate verification of each ID during its storage or retrieval at any phase ofits Lifecycleo It involves holding the information ofcard/ids personalizedthrough the system.o Managing complete lifecycle of the cards.o Managing the status of every card.o Every time a card being exposed to the system, it gets verified from this datao Data maintained in this server will also used for verification whenever a userapplies for duplicate card.Certification of Data: The system should ensure that Data is treated as an asset and its use isaligned with the system strategy givingg data a distinct value. Ensure that qualitylevels areapproved by the system prior to use. Facilitate standard form data acceptance, verificationn,auditingand monitoring purposes.o Data Certificate should beissued after the completion of authorization process,but can also beincorporated at any or all phasess of data management.o Certificate mayinclude• Originator Information• Receiver Information• ValidityPeriod25


ProjectDocument for SCMA-VolumeI• Timestamp of Certificate issuance• Checksum/HashSecurityof Data: The System should ensure Controlover the access to Data.o It should prevent or secure data from being read, modified, duplicated ordestroyed by an unauthentic and unknown entity.o It should provide security to the data by incorporatingEncryption/ /Decryptionalgorithms.o TheEncryption/Decryption can involve different level of Security Key cards, ifdesired.Communication of Data: System should providefunctionality to exchange data, betweenvarious phases of its Lifecycle.o Should also incorporate various data security mechanismm depending upon therequirement.o Data may also be transferred in encrypted form based on applicationrequirement.o Data Communication should use checksummechanism to ensure dataaauthenticity bydefault if no other method is specified.Managing User: System should manage bearer of identity i.e. . User in well defined strategy forLifecycle of each request for ID (filling a request till its allocation)o It should manage all userss of the system.o It should keeptrack of complete lifecycle ofapplication users starting fromenrollment till access attempts.Audit trail: Systemshould facilitate review of access, usage by User, during each phase of itsLifecycle. It should maintain logs of each successful and unsuccessful attempt by any entity.o It should keeptrack of all Access attempts made by different users of theapplication.o Either successful or unsuccessful attempts to access the system is to be logged.o Thisis useful in monitoring the frequency of application usage and tracking theunauthorized & authorized access attempts.Controlled Access: System should facilitate to control the access of system to Users at eachphase of its Lifecycle26


ProjectDocument for SCMA-VolumeIo Should manage and control the access attempts made by the authorized orunauthorizeduser and either successful or unsuccessful attempt to use theapplication, system etc.o It should provide a formof security to the system so one can identify theauthorized or unauthorized user in the case of any modification of thedata.o It should provide the control over the authorized andunauthorized accesssattempt made by different user.Authority: The System should be secure at each phase of its Lifecycle. Therefore any suchauthority that is responsiblefor securityat any phase of its lifecycle should be Cleary defineddand such security should be robust and reliable. Security key generation, storage, distribution,archiving and authentication of the keys should be facilitated.o Secure mode of keys generation and transfer.o No keys in the system are known to anybody.o Thealgorithm used by thesystem should be highly reliable.o Should have a secure Key Management Process.o Encrypted mode of transferring keys from one card to another.o Over the internet card authenticationn and initialization should be possible.o Should supportdifferent Operator SAM Cards used for different purposes.o Access control should be based on key‐based authentication.Generation of ID: System should facilitate accepting the request for ID,validation of request,textual and graphical data capturing, validation andsecurity of captured data, generation of anID in a secure and an efficient manner as per application, assignment andallocationof an ID toapplicanto Enrollment• It should record the basic informationof the EndUser/Operators whouses the system.• Information of End User/Operator can be provided either manually orelectronically.• This Process can be carried out at different stages of the system• Enrollment process also includes various checks inorder to incorporatebusiness logic.o Authorization• Verification of theData/information provided to the systemhas to becarried out (Recommended).27


ProjectDocument for SCMA-VolumeI• Authorization of the data/information can be doneat different stages ofthe System depending upon the requirement and flow of the systemo Personalizationn• Cards/ID generation for the End User/Operators of the System.• Personalization ofthe Cards/ID can involve multiple phasess dependingupon the requirement of the process.o Issuance• Cards/ID Issuance to the End Users/Operators of the System.• Flow ofthe Issuance can be application dependent.28


ProjectDocument for SCMA-VolumeI3.4 KKEY MANAGEMENT SYSTEMKMS Definitiono KeyManagement System is the set of techniques and procedures supporting theestablishmentand maintenance ofkeying relationshipss between authorisedparties.o KMSdetermines the security level ofthe whole system.o Hightechnology and strictt management safeguards the security of KMS.o Keys are transferred in cipher text, which is the main requirement of the KMS.Functions of KMSo KeyGenerationno KeyTransportationo Issuing SAM Cardo Issuing User Cardo KeyRenewalThe Suvidha Card would be a multi‐application card wheree different applications ‘may be’owned by the different line departments. Accordingly the KMS implemented shouldbe able tosecure every application individually with the ApplicationMaster Keys being held by theindividual line departments.The following is a draft of therequirements of the Key Management System proposed to be putin place. The sameshall be expanded and finalized into specification in consultation with theSmart Card Vendor.3.4.1 Security RequirementsSecurityrequirements of the Suvidha Smart Card are listed as following.o TheEntitlement holder card issued by SSS must be protected against fakecloning. This implies that, there should be a mechanismm to authenticate theSuvidha Card at the field.o Theon‐Card Data must beaccess proof and tamper proof.o There should be a mechanism through which authority canbe defined/delegateddfor accessing and modifying the on‐card dataa for performing various field orbranch transactions.o Thebio‐metricdata must be encrypted whilestored onthe card, apart frombeing access proof.29


ProjectDocument for SCMA-VolumeIo A Symmetric Key Based, Key Management System shall berequiredin order tofulfill the above mentioned Security Requirements. 3‐DES can be used assymmetric KeyAlgorithmfor performing various security operations (MutualAuthentication, Data Encryption, KeyDerivationetc.).o TheMaster keys required for making field transactionsshall be hosted on asmart card, with a chip which is minimum EAL Level 4 or Common Criteriacertified for equivalent level.3.4.2Functional Requirements of Key Management Systemo Generation of Parent/Seed Keys (Five of SevenScheme) and their safe storageandUsage.o Generation of Master Keys and production of Master Key based Authority Cards.These could bedifferent for different Applications ownedby the different LineDepartment.o KeyDiversification from Master keysand safely injecting them to the Entitlementholder Cards toactivate them.o Providing an External Authenticationn Protocol to performauthentication of theEntitlement holder Card, Role Authentication before Field Transactionn and beforeeallowing to load a new application.o Providing a Mutual AuthenticationProtocol between the Entitlement holderCards, Operators cards and SAM Card.o Disaster Recovery Modulefor KMS.Central Key GenerationA Multi‐Tier Key Management System Architectureshall be required for smooth operation. Thecomplete KMS shall be implemented & managed centrally.o All Authority Cards are produced at Central Key Generationn Authority.o Anyfive trusted agents need to come together with Parent key cardsin order togenerate required type and numbersof Authority Cards.o It must be hosted at the NIC Data Centre hostedon behalf of SSS.o Hasto be a safe Custodianof all Parent Keyso Responsible for Generation and Management ofkeyso All Master Keysderived from Parent Keys shall be generated at CKGAo SSS shall appoint a CKGA Nodal Officer.3.4.3Operational Requirementso To create a KMS Infrastructure as mentioned above.30


ProjectDocument for SCMA-VolumeIo Every KMS processes at each level tobe definedd comprehensively.o Frequent audits reports for compliance to process standards. SSS nayalso ask anindependent third party toaudit the same.3.5 MMIDDLEWARE APPLICATION FOR KEY PROCESSOnce the Suvidha Card has been personalized, activated and issued to theentitlement holder, itwould be ready forusage andtransactions to be made.Depending upon the application beingused theSuvidha card could be used inany of thefollowing three modes.1.2.3.For Identification of the Card HolderFor Identification of the Card Holder, Reading Entitlements of the cardholder but notrecording and verifying utilisationFor Identification of the Card Holder, Reading Entitlements of the cardholder and alsorecording and verifying utilisationThe major functions required for the above three modes are discussed in brief below. However,the final list of functions required would be arrived at on the finalization of the SRS.3.5.1 Card Authenticationno Every usercard shalll be authenticated with the respective SAM card using mutualauthentication.3.5.2 Card holder authenticationoooooCard holder authentication shall be done in two steps.Once the card is authenticated, the card holder’spersonal information shall bedisplayed.The card holder’s fingerprints shall be scanned, and then matched with the templateestored on the card.Once the correct match is found – the card holder shall be deemed to have beenauthenticated.Additionally– PIN verification may also be done (especially in the case of ePurse relatedtransactions)31


ProjectDocument for SCMA-VolumeI3.5.3 Card Holder Detailso Functions to read the card holders personaldetails from the personal information file –after card authentication is done.o Function to update the personal information file with the data provided by theapplicationafter verification of the security keys.3.5.4 Application Access Verificationo Function to list the various applicationson the card alongwith their date ofactivation/ deactivation and present status (active/inactive)o Function tocheck if a particular application is active/inactive.3.5.5 Application Activation / DeactivationooFunction toactivate anexisting deactivatedapplicationFunction todeactivatee an existingactive application3.5.6 Entitlement Detailso Function toread the entitlements of the card holder for a particular application afterpresentation of the valid keyo Function toupdate the entitlements of the card holder for a particular application afterpresentation of the valid key3.5.7 Entitlement Utilisation Detailso Function toread the utilization records for a particular application from its transactionnlogs after presentationn of the valid key3.5.8 Entitlement Transaction Recordingo Function towrite the utilization records fora particular application into its transactionnlogs after presentationn of the valid keyThe Smart Card Vendor would be providing these applications functionsin the formof libraryfiles (DLLS, etc) which would be called by the MC Application beingbuilt by the SystemIntegrator.32


Project Document for SCMA- Volume I33


ProjectDocument for SCMA-VolumeI3.6 BBIOMETRICS MANAGEMENT SYSTEMAt the core of any security solution there is a need to accurately and quickly identifypersons ofinterest. Unique identifiers,such as biometrics, are an ideal basis upon which an accurateidentification can be made and hence ensure the correct identification of the card holder.Biometric‐based security solutions harmlessly and quickly capture patterns from physicalcharacteristics of individuals then match these patterns againstrecords inavailable databases.Under the MissionConvergence program – biometric data managementwould be a part of astate‐wide biometric identification process, designed to establish an individual’s identity, andthereafter allow him to avail various schemes and benefits provided by the state.The Fingerprints based Biometrics wouldbe the primary proof of verification.The SCMA would capture the following Biometric information of all Entitlement holders:o Facial Imageo Fingerprints – all ten fingersThe Biometrics solution implemented by the SCMA should cater to allseamless system that allows for managing both from a single interface.the abovein a single3.7 LINE DEPARTMENTS’ SCHEME MANAGEMENTThru the Mission Convergence initiative– the GNCTD is streamlining the deliveryof variousState welfare schemes and benefits forthe vulnerable sections of the society. It is currentlyinvolved in 40+ schemes of various kinds that are managed and delivered thru the 9 state linedepartments and the DC offices. These departments are ‐ooooooHealth & Family Welfare DepartmentEducation DepartmentWomen & Child Development Department.Social WelfareFood and Civil SuppliesLabor34


ProjectDocument for SCMA-VolumeIFor all other delivery points – it is expected that these would already be equipped with PC’s andonly the Application software would need to be provided alongwith peripheralsfor secureeusage of Smart Cards and fingerprints.37


ProjectDocument for SCMA-VolumeI3.8 SCHEME ANALYSER ANDRATIONALISER WITH ADVANCED A LOGIC SOFTWARE (SARRAL)The objective of the SARAL Software would to enable a constant review of the existing schemessof GNCTD to suggest a way for their rationalisation and integration. This is necessary becauseethe 40+ schemes being covered under the Mission Convergencee Program are beingadministered by 9 separate departments.On a closer look, one can easily observe schemes that replicate in terms of objectives andtarget. Replicationcan occur on the demand side as well as onthe supplyside. On the demanddside , there are two kinds of replication commonly observed. It is often the case that, theintended beneficiaries of scheme A are strict subsets of scheme B. In order to administer suchschemes efficiently, the second type of replication endogenously occurs. That is, oftenbeneficiaries of scheme A have to provide the sameset of information they did while availing Band some more. This is unnecessary as the information relevant for availing scheme A should beonly the incremental ones collected over and above those provided while availingB. On thesupply side, replication occurs mostly in terms of administrative costs. This would typicallyyhappenif similar schemes are administered by two or moredepartments therebyincreasingoverheads. A proper framework of rationalization must address these issues.The evaluation framework focuses on access to beneficiariess. This is animportant approach,especially for policy making purposes, asfocusing on beneficiary access approach addresses theissues of identification, communication and implementation ofvarious schemes. Rationalisationnof the processes (and therebycertain schemes) will aid the intended beneficiaries more. This isparticularly important because various estimates quote substantial leakages, along withexclusion of significant population of thedeserving.To develop the frameworkone needs some broad classifications thatt must address issuesspertaining to (a) horizontal segmentation; (b) vertical segmentation, and (c) operationalsegmentation. Horizontal segmentationis typically across three primary interventions essentialfor an individual— —health, education andlivelihood. Vertical segmentation maps interventionsacross the lifecycle of any individual. Finally, operationalsegmentation must distinguishbetween schemes that are ongoing (thatt is schemes that require periodical outlay ofbudget) asagainst onetime costs (mostly capital expenditures tobuild and support essentialinfrastructure).For addressing horizontal segmentation, distinctions are made among schemes that enforceebasic rights of anyindividual with thosethat either aids the deprived (byenforcingaffirmative38


ProjectDocument for SCMA-VolumeIaction) or helps an individual in overcoming and withstanding shocks. The essential idea indefiningschemes according such parameters is that it helps inintegrationn of schemes with welldefinedd ‘bottom ofthe pyramid’ on which other schemes can be developed.The vertical segmentation is addressed by adoptingthe life cycle approach. With this approach,it is possible to map the different requirements across the lifecycle ofan individual. This isespecially important because, it automatically identifies schemes that naturally kick in (withoutinitiation on the part of the beneficiary) with those schemess that are availed only when thebeneficiary initiates the process.The operational segmentation is handled by first defining the need andprocess tointegrate.This is the convergence approach.3.8.1Role of TechnologyWith the introduction of the SARAL software – GNCTD expects a fair amount of intelligence tobe builtinto the system of Scheme Management.While theexpectations from this softwarewould be defined by SSS – the vendor would need to build the software on behalf of the Delhigovernment.Information Technology has come to be regarded as a platform on which services can beprovided, especially where the implementation machinery isnot very strong, andthere aremultiplechannels to reach the intended beneficiary.The problem with benefits reaching the intended beneficiariesis twofold.1.Identification problem(entry andexit)‐ Oneof the most commonproblems that plaguesuccessful implementation of the schemes are identification problem. Identificationnproblems occur at theentry stage (identifying who should be thepotential beneficiary)as well as a later stage –the exit stage (should the current beneficiary continue toreceive thebenefits). The sets of problems for both thecases havedifferent dimensionss.While problems with identification at the entry stagethat the beneficiaryis unable toprove that (s)he is deserving while problemswith identification atthe exit stage is oftendue to thefact that the implementing agency is unable to prove that the currentbeneficiaryis no longer undeserving. A database comprising detailed information on theBPL/APL individual/household, which gets dynamicallyy updated –both naturally as wellas with specific shocks would provide a base on which schemess can be provided. For39


ProjectDocument for SCMA-VolumeIexample, a data base that records a birth with its Gender, religion, caste and economiccstatus, will automatically update certain information with time. Note that certaincharacteristics do not change through the entire lifecycle of the individual (the Gender,religion andcaste), some change naturally (age) while some change with shocks (changein economic, marital, health status). A dynamic data base shouldideally capture theseechanges across time and space.2.Once the beneficiary is identified, and is eligible for a scheme(s), she has toprovide anidentity proof each time she wants to avail of a new benefit. Also, there are multipleservice delivery pointsthat any given individual has to go to. She is already vulnerable toshocks, anddoes not have the capability of foregoing her daily income in search of theseebenefits. Any process that replicates information requirement is inefficient.Informationnthat has been collected for a scheme that is at the base should be automaticallyaccessible and used for schemes that are add ons. For example, consider a girl child bornto a specific caste and religion. Once she is pregnant, certain schemes shouldautomatically kick in. If these schemes arenon universal in nature (that is targetedspecifically to a particular community defined over religion andcaste), while availingthese schemes, she must not prove, all over again her gender, religion and caste. IT inother words should enable seamless transition for eligible individuals across schemesAll departments will have tobe linkedwith this common database ofbeneficiaries (or anyadditionthereof), so that theyknow all details of the individuals at the same time. The updationhas to be in real time. This integrationn is important since we see an individual as one non‐segmented unit with multipleneeds at each stage of her life. Once the individual’sinformationnis captured in the database for providing basic schemes, she is eligible for enablingor supportschemes (marginal benefits on top of theexisting ones) at any point in her life.The SARAL software shall ensure the seamless availability of all relevant schemes to the eligibleeentitlement holders and ensure that there are no gaps in those meetingthe criteriaand thosegetting the benefits once these eligibility conditions and documents are capturedduring theenrollment phase or subsequent updates. Further, with the introductionof the SARAL Software– GNCTD expectsa fair amount of intelligencee to be built into the system of SchemeeManagement. Thefollowing are the major deliverables of the SARAL software:1.2.Comparisonstatement for any scheme / group of schemes between the budgeted andactual disbursals for any one or more disbursement cycle.Utilisation Report of a scheme outlay over multiple disbursement cycle40


ProjectDocument for SCMA-VolumeI3. Drill down to Family level utilization of disbursals for any scheme / set of schemes linkedto families.4. Drill down to Individual level utilization of disbursals for any scheme / set of schemesslinked to individuals.5. Provide a comparative coveragee as well as efficiency betweentwo or more similarscheme.6. Family level tabulationof all benefits that the family is eligible for.7. Family level report on benefits that the family is eligiblee for but not getting due to lack ofdocumentation / authorizations / approvals. ..8. Individual level tabulation of all benefits thatt an individual is eligible for.9. Individual level reporton benefits that an individual is eligible for but not getting due tolack of documentationn / authorizations / approvals..10. What‐if‐analysis at thedepartment level toview the impact of the scheme in terms ofcoverage as well as outlay on potential change of anyone or more of the parametersgoverning the classification.41


ProjectDocument for SCMA-VolumeI3.9 SYSTEM INTEGRATION SERVICESSuccessful system integrationn requires constant vigilance and must be practiced throughout theproject.Vendormust be having a broad‐based experience inoooomajor hardware platformsoperating systemsIntegrationn of multi‐vendor hardware andsoftware environments into application‐specific solutions.Support forintegrating/migratingg local, stand‐alone databases to multi‐user platformsSome of the key activities related to Smart Cardsthat forma part of the SystemIntegrationnservicess to be provided by theSCMA would be:3.9.1Hardware/Softwaree Integrationoooooohardware installationand integrationsoftware integration between disparate systemssoftware installationsystem testingon‐site trainingvendor will integrateo hardwareo third party softwareo systems softwareo communicationn links ando All other technology required to create an integrated solution for the Govt.Vendorshould have the capabilities in hardware and software engineering skills to fullyintegrate hardware systems including networks and to link multiple software systems into aseamlessly integrated information enterprise.3.9.2oUser ManagementDaily activitieso Creation/Addition of new userso Deletion of userso Re‐enabling deleted usersso Modification of user permissions/rights42


ProjectDocument for SCMA-VolumeIo All user management activities will be recorded andupdated with the activities as required.the customer will beoOne‐time/periodic activitieso Maker/Checker process for above functions instituted where necessary.o Changes to user rights andstatus on the system as per guidelines.o User management activityrecording and periodic reportingas required.3.9.3 Backup/ArchivalooDaily Activitieso Triggering of the Backup jobo Ensure backup completiono Backup archivalo Support Methodologyo Maintain Operating Systemso Data Back‐upo Power Back‐upand othersby applying required fixes and upgrades; ando By further performing regular systemclean‐ups and check‐ups.One‐time/periodic activities.o Outlining of methods/procedures toensure secure and seamless recovery fromanyoutages that may arise.o Procedures will be put in place to outlineo Interval between backupso Exact time when backups will be doneo Archival of backups and duration of archivalo Backup/Archive retrieval processeso Authorization procedures for archive/retrievalo Exercises will be conducted regularlyto ensuree team members are familiar withthe archive retrieval process to ensure speedy response in case of need.3.9.4 SecurityooooooCard securityDatabase SecurityData SecurityServer Security (Trusted IP addresses)Database ConnectionTable Access Control43


ProjectDocument for SCMA-VolumeIooRoles & PrivilegesRestricting Database Access3.9.5 Data Reconciliationo Informationn related topersonalization & issuance to be providedd to MC central serveron daily basis for reconciliation & updation3.9.6 Report Generationo Freezing ofreport formatso Generationn of reports based of defined processes3.9.7 Project Managemento Extensive project management capabilitieso Project managementmethodology to ensure that the project receives the right level ofmanagement attention and that the results are what MC desires.3.9.8 Help Desko Help Desk staff are responsible for referringproblems which theycannot resolve to theProblem Coordinator and for informing the customer ofthe progress of their problem.o Procedureo When the HelpDesk receives notification of an issue froma customer/field stafftheyrefer the problem tothe Problem Coordinator. The problem is described ona Help Desk Call Record.o TheProblem Coordinatorr evaluates the problem, contacting the customer/fieldstaff for further information if required.o TheProject Coordinator analyses thedefect/change and estimates the resourcessrequired to address it.o If the problem is a defect:• The Project Manager schedules the fix and allocatesresources.• The developers resolve the defect in accordance with the ConfigurationnManagement Procedure, Testing Procedure and Release Procedure.• If no problem is found, the Help Desk notifies the customer/field staff.44


ProjectDocument for SCMA-VolumeI3.10 ENROLLMENTSERVICESThe SCMA shall provide the Enrollment applicationfor enrolling the entitlement holders. Thiswould include the personal details, family details, biometrics,schemes entitlementcriteria etc.The Enrollment application shall do a live capture of the photographs,digital signatures, andfingerprints of the entitlemenholders..The enrollment application shall also have an authorizationmodule that would run in bothmanualmode as well as auto mode (where authorization criteria are dynamically matched).The SCMA would be providing all necessary Software, Hardware and PeripheralsalongwithManpower (Operators, Supervisors, etc.) to deliver the Enrollment andCard Personalisationnservicess from the designated EnrollmentPoints as per the SLA’ s defined inthis RFP.3.11 BBANKING SERVICESWhere the bidder is not a bank, a bank must be partof the bidding consortium.The banking partner will beresponsible for ensuring compliance with RBI guidelines andmanaging funds on behalf of SSS basedon guidelines/instructions applicable for the variousschemes of the GNCTD.The SCMA shall ensure that the Suvidha Cards are fully integrated with the Bank accounts of theentitlement holders. The SCMA must ensure adherence to RBIguidelines for use of Smart Card.(The bank has a key role in the success of this project by ensuring deliveryof financial assistanceprovided by GNCTD under various schemes in a timely and convenientmanner subject to thebest practices and guidelines of the Reserve Bank ofIndia.)The SCMA shall be responsible for opening a bank account with it’s banking partner for allidentified Entitlement‐holders who do not have an existing bank account but are eligible forCash benefits. Alsothose entitlement holders who already have an existing account but wish toopen another account with the bankingpartner where this new account shall be used for all45


ProjectDocument for SCMA-VolumeIcash benefits provided to him/her by thestate. Thebasic details of entitlement‐holders shall atall times be synchronized withthe central database of SSS.The banking partner will accept funds from GNCTDunder various schemes by Cheque and ECSdepending upon the modeof transfer identified by the line department ofthe StateGovernment and the SCMA will reconcile accountswith District Collectors based onguidelinesthat will be communicated tothe successful bidder. The SCMAapplication must ensure uniqueidentification of Entitlement‐holders as per details / guidelines of each scheme must becarried outas per the instructions of SSS. The Banking partner shall transfer the specified amounts into thebank accounts of Entitlement‐holders bythe date of disbursement intimated by GNCTDprior to any financial transaction. Transfer of funds to theaccountof an Entitlement‐holder The SCMA bankingpartner must appointBusiness Correspondeents for doorstep banking and thebank is encouraged to consider existingGRCs for this role as they currently support MissionConvergence in various activities underthis project and should meet the requirements of aBusiness Correspondent. The SCMA/banking partner shall provide a facility for doorstepbankingfor the elderly (age > 70 years), pregnant women andphysically challenged citizens forwhich the SCMA/partner bank will createe and maintain a network of Customer Service Points.The Banking Services to be provided bythe Banking partner of the SCMA shall be responsibleefor delivering the following key services:3.11.11 Opening of the ‘No Frills’ accounts as per the RGI guidelinesSSS shall make available a list of all such entitlement holders for whom a No‐Frills accounts have to beopened on a periodic basis. The SCMA alongwith its banking partner shall ensure that such accounts areopened in time as per the Performance Metrics and shall ensure that the Suvidha cards are issued andare linked to such bank accounts at both the Card level as well as the Bank Level. This information shallthereafter be madeavailable to SSS in anelectronic form and would be integrated with the StateDatabase.3.11.2Receipt of Funds from the GNCTD designated authorityGNCTD – thru its Line Departments / DC’s– would transfer the funds allocated for the entitlementholders as per the various applicable schemes from time to time. These funds shall be transferred to acentral account thatt would be managed by SSS.3.11.33 Transfer r of the funds to the individual AccountsSSS shall be makingavailable lists of the Account Holders to whom the fundshave to betransferredalongwith the amounts on a monthly basis. The SCMA shall ensure that the funds are transferred to the46


ProjectDocument for SCMA-VolumeIindividual accounts within the time definedd and agreedwith SSS. The details of all such transfers onceaffectedshall be provided to SSSS in an electronic format.3.11.4Operation of these accounts bythe Entitlement holdersOperations of thesee accounts for withdrawal or deposit purposes by the Entitlement Holders shall bepermitted only after his/her correct identification using the Suvidha card as well as Biometrics as arestored on the card.The banking partner of the SCMA would ensure thatt the required number of branches / BusinesssCorrespondents / etc., are established as per the norms defined in this RFP. Further – the Bankingpartner would also provide doorstep bankingfacility as defined in this RFP.All details of such operations would also be stored on the card as a part of the transaction itself and anelectronic passbook would be maintained onthe card.The electronic passbook on theSuvidha Cards would always be insync with the Accountinformationnwith thebank.3.11.5DormantAccountsWhenever an Entitlement Holders account lies in a dormant state for a periodof three months – theSCMA shall inform SSS of such Dormancy. SSS shall subsequently inform the bank about what needs tobe doneto such accounts.3.11.6FinancialReconciliation with the 9 DC’s officesThe SCMA thru the banking partner shall ensure Reconciliation of Accounts on a regular basis as per theperiodicity defined by SSS. Further all such reconciliations shall be done with the 9 District Centres ofSSS.3.11.7DoorstepBanking facilitiesThe SCMA/bankingpartner shall provide a facility for doorstep banking for the elderly (age> 70 years) ),pregnant women and physically challenged citizens.3.12 SUPPLY OF SUVIDHA SMART CARDSThe SCMA would also be the supplierdefinedd in the RFP.of the Suvidha SmartCards asper the specifications47


ProjectDocument for SCMA-VolumeI3.13 SUPPLY OF COMPUTER HARDWARE,TERMINALS & PERIPHERALSThe state would require an extensive deployment of Hardware, Peripherals and Terminals sothat thevarious applications envisaged on the Suvidha Card can be effectively utilized.The SCMA would supply alll Computerand networking hardware that is required to fullyautomate the various functions at the Line Departments and their service/benefits deliverypoints as per the RFP. The requirementsfor these are specifiedunder the respective heads..Bankingcorrespondents would carry such mobile terminals fordispensingcash at the door stepand must therefore be provided with sufficient terminals.All Fixed/ Mobile Terminals / Computers/ Smart card readers / BiometricReaders, etc requiredfor providing the Smart CardIssuance, PDS and Banking services have to be provided by theSCMA.Over and above these, a listof locations where additional equipment needs to be provideddalong with quantities is attached in Annexure 12. The following equipment (meeting thespecifications as laid down in this RFP) need to be supplied.a. Smart Card Readers (2 nos. ateach Location)b. Fingerprint Scanner (1 No. at each location)3.14 PPROPOSED APPLICATIONSID – this would be the primary application on the SuvidhaCard. It would incorporate thefollowing featuresand information, viz.photograph, signature, fingerprints; name, address &family data, essential demographic data and other data establishing, or having reference tocitizenship under existing andproposedstatutes. Identification of the entitlementholder shallbe doneonly withthe presentation of the SuvidhaCard. In every case – first the card shall beverifiedto be authentic, then the entitlement holder shall be verified fromthe data on the cardand hisfingerprints matchedwith those stored on the card.Subsequently – for applicationswhere his/her entitlements are stored on the card – the same shall be read fromthe card.Following this his usage of the entitlements shall also be read from the card and if some48


ProjectDocument for SCMA-VolumeIentitlements are still available the same shall be made available to himand the transactionndetails recorded on the card and also the backend. In case theapplication entitlements are noton the card – then the same shall be retrieved from the backend database, availableentitlements verified and if still availableshall be made provided.Some of the Applications thatt are visualized to be on the card are:ooooooooooooMC Application (Primary Application)UID ApplicationBanking Application – to link to the Bank AccountsPDS / Ration CardPensionHealthEducationWoman & ChildNutritionInsuranceLoansEmploymentThis is only a tentative list and the final list shall be finalized at the timeof preparation of theSRS. It is expected that with this, the Government can substantially enhance the effectiveness ofWelfaree Services by the use of Suvidha Card for Mission Convergence.3.15 STRUCTURE OF THE SUVIDHA CARDThe Suvidha card would havea structure that would cater tomanagingg multiple applicationssecurelyand individually on the card. At the rootlevel, Data Objects shall be used to storeunchangeable personal information of the card holder. These DO’s shall confirm to the ISOdefinitions.The final structureof the cardshall be prepared by the SCMA as per the requirements specifiedby Mission Convergence.3.16 AAPPLICATIONARCHITECTURE49


ProjectDocument for SCMA-VolumeIThe application architectureof the solution should be one which not only fulfills the role ofproviding services to stake holders but also takes into account scalabilityin terms of growth ofusers, increase of stakeholders and increase in services offered by SSS. Entitlementsdata beingfinancial data of the entitlementholders and Government Budget allocations anddisbursements, security and confidentiality forms a crucial consideration. Also, the system iscritical and needs accessibility and flexibility in terms of interoperationswith othersystems ofthe state. Hence,it is emphasized that the vendor should developa technical solutionconsidering these requirements and challenges.DetailedApplication Architecture proposed for the variousprovided by the bidder in the Technical Bid.applications requiredshould beApplication architecture should describe the technologyand standards that facilitatecommunication and functional interface within and between systems, both at module‐to‐modulelevel or intra‐application level, and at the application‐tto‐application or inter‐applicationnlevel. The Application architecture therefore shall encompasses the aspects of communicationn(inter and intra‐application), and integration. The scope is to provide a framework under whichhthe SCMapplication system would work to improveservice delivery and business value.3.17 INNFRASTRUCTURE ARCHITECTURE3.17.11 Overviewof Infrastructure requirementsThe Hardware andinfrastructure requirements for the solution of SCMshould be based onprinciples of robustness, scalability and availability.The solution proposed needs tobe not justfailsafe but also scalable andadaptableto the growth in volumes. TheMission ConvergenceeprogramData Centre is being hostedat NIC and would be largely dependingupon theprovisions under the State SWAN infrastructure for its connectivity requirements.This Data Centre would also be used forhosting the SCMA’s Servers required for implementingthe proposed solution. All Hardware, Software, NetworkingRequirements etc required shallhave tobe provided by the successful Bidder.Accordingly the bidders are required to provide details about the following:3.17.2Server Storage RequirementsThe infrastructurerequirement of SCM system is expected to scale up in the comingyears. It isreiterated that the expectednumber of entitlement holdersof the SSSS is expected to grow50


ProjectDocument for SCMA-VolumeIrapidly in the firstthree years. Inadequate planning and design would result in performanceedegradation detrimental to the interest of the stakeholders of the SCM system.To avoid the potential bottleneck the bidder should plan for server storage management interms of the components required to meet the scalability without compromising on the otherparameters. In this regard the bidder is expected to elicit their plan with the server storagearchitecture to manage server storage without compromising on the performancee and otherrequired parameters of the application as specified in the expected performancee level tablediscussed below.3.17.33 Data Center and Disaster Recovery Center RequirementsThe Infrastructureshould incorporate the application components that have been described inthe data and application architectures and must bescalable tothe needsof growth in terms ofuser access/transaction volumes/data storage/addition of stakeholders. The functional aspectssof the technical infrastructure architecture are given below but the bidder is expected to givethe detailed solution. Response expected from bidders must include the followingArchitecture overviewBlock diagram showingmajor components of the solutionMajor hardware component features.Break up of each ofthe majoraspects given as guidelines inthis document fromimplementation perspectiveIt must be noted that while the application and infrastructuredesign, development,implementation and operations periodare the responsibilities of theSCMA. SSS/GoI hasexclusive rights to the entire repository of data.It is however emphasized that the software and applications must becompatible with thehardware and infrastructureand any issues arising due to incompatibilityof the same will haveto be resolved by the vendor.3.17.4Space/Rack RequirementThe requirement of Rack space should be assessedand proposed by thebidder with a plan tostore and maintainn master and transaction data of at least 40 lacs entitlement holders to beginwith. Scalability tomatch theincrease inthe number of entitlement holders should be plannedaccordingly51


ProjectDocument for SCMA-VolumeI3.17.5Bandwidth RequirementThe requirement of bandwidth should be assessed and proposed by the bidder in tune with therequirements taking into consideration the various redundancy mechanisms required tomaintain Service Level compliance and uptime needs as discussed in this RFP document3.17.6Disaster Recovery CenterThe Business Continuity Solution for SCMA Systemshould ensure delivery of services to thestakeholders in the event ofcomplete failure of the SCM Data Centre. The DR site must beinvokedautomatically when the production site fails to provide its services. The bidder isrequired to submita detailedd architecture and components ofthe DR solution. DR site shall besetup and maintained by the successful vendor.The following are the requirements of the DR siteThe DR siteshould be designed as the backup (mirror) site to the production site.The vendorhas to offer an optimized, connectivity solution from the SCM applicationsite to the DR Site.The DR Siteneeds to deploy the entire SCM Applicationsolution.The vendorneeds to ensure that the DR Siteis kept current with the latest version of theApplicationbuilds, andall solution components.The vendorshall simulate routinetests to ensure that the fail‐overto the DR Sitehappens, without any service downtime. Thevendor may considerrunning all servicesand transactions off the DR Site, at least once in three months, on a non‐peakday.The bidder will have toperform DR drills every quarter of the year.3.17.77 Backup and recoveryConsidering the magnitude of operations and the criticality of the data handled bySCMA, it isrecommended that a well thought out business continuity planbe put into place. For continuityof operations the vendor needs to propose a solution for a replicationsite and regular riskassessment strategies. The vendor is required to suggest a solution for the business continuityand disaster recovery aspectss of the proposed solution. Someimportantt points amongst otherin terms of SSS’s requirement are as below and are intended as a broad guideline for thesolution.The vendorshould have a documented back up strategy and recovery wherein back upschedules and responsibilities areclearly laidout at an organization level. This shall haveto be approved by the PMU cell at SSS.52


ProjectDocument for SCMA-VolumeIThe back up media should be stored in a secured placeand any incidence occurring dueto misplacement of media shouldbe immediately reported to SSS.There should be a regular anti virus strategy.All archival media should be stored in suitable facilities and one copy each of mediashould be stored in fire proof facilities in thepremises.There should be a copy of media stored outside the premises.There should be a regularly scheduled restore facilitiesto test thehealth of the archiveback ups and the media.Back up logshould be maintainedfor a period of two year.SSS reserves the right to audit theback up media through an external agency.All systemss – applications, data tuned parameters and critical hard copy documentswould be regularly backed up.3.17.8Disaster Recovery PlanThere should be a documentedd disaster recovery and business recoveryplan withregards to its operations. This shall have to be approvedby the PMU cell at SS SSThe selected vendor must havea replication site at a location not in the physicalproximity of the premises.The vendor must ensure near real time replication ofthe transaction dataa of the liveserver.The replication site should be hosted withthe samephysical and technical securityrequirements as the primary sites.There should be a documented escalation process anddesignated personnel who shallbe responsible for contact and action in caseof disaster.There should be routine disaster response drills, the reportsof which should becommunicated to SSS every 3 months.All systemss should be adequatelycovered by insurance.SSS reserves the right to audit theDR site through any external agency.3.17.9NetworkRequirementAll the components of the SCM Network solution and the application should be designed withresilience to maintain the 24x7 services to all the stakeholders. A checklist of resilientequipment and component should be mentioned by the bidder. It is the responsibility of thebidder to design and deploy a networkto ensuree 24x7 services of the SCM Application. Thefunctional aspects of the technical infrastructure architectureare given below, but the bidder isexpected to give the detailed solution. Response expected frombidders with regard to networksolutionshould include the following53


ProjectDocument for SCMA-VolumeITechnical overviewDetailed Network diagram showing major componentsof the solutionLAN and WAN componentsConnectivity and technical specifications with regard toconnectivity3.17.10 Firewall & WebProxyThis is typically thefirst pointwherein the access request hitsthe datacenter. It is designed toblock unauthorized access while permitting authorized communications. This layer shall bedesigned to provide a secure firewall, application layer filtering functionality and reduceebandwidth consumption on the Internet/WAN links and improvingresponses to a clientaccessing web based applications.3.17.11 Anti‐Virus SoftwareUnified protectionfrom viruses, spyware, and other current integrated throughh one clientagent. There should be a simple administrationn through central managementto protectinfrastructure with greater efficiency. Visibility and control through insightful,prioritizedsecurityreports and a summary dashboard view, sothat theree is complete visibility and controlover malware threats.3.17.12 VirtualizationMissionConvergence (MC) will be supporting approximately 43 differentschemes across 9 linedepartments serving almost 5 million entitlemenholders. It will require a significant sizedatacenter to server such kind of service. Virtualization is responsible for creating a “Dynamic”datacenter enabling the efficient use of server hardware investments by consolidating multipleserver roles as separate virtual machines (VMs) running on a single physical machine and alsoefficiently run multiple different operating systems—Windows, Linux, and others— —in parallel,on a single server, and fully leverage the power of x64 computing. The SCMA should harness thebenefits of virtualization when planning out their architecture.3.17.13 Integrated ManagementThe MCdatacentree will have many critical artefactssuch as physical hardware servers, networkelements like switches, routers etc., OEMproductssuch as operating system, database, virtualIT infrastructure (virtual machines) and goes till the MC specific application that are deployedd54


ProjectDocument for SCMA-VolumeIonto them. It will be of utmost importance to ensure efficient and effective management ofthese artefacts so that services can be delivered to then entitlement holder smooth manner.Instead of having different set of tools tomanage and monitorthese artefacts it is imperative tohave anintegrated, single centralizedmanagement of physical and virtual IT infrastructure,increased server utilization, and dynamic resourcee optimization across multiple virtualizationplatforms. It includes end‐to‐end capabilities such as planning, deploying, managing, andoptimizing the virtual infrastructure. Thisintegratedmanagement environment proposed by theSCMA will Manage the entire lifecycle of theIT infrastructure froma single console Integrate management of both physical andvirtual systems, fromthe hardware to theworkload3.17.14Patch ManagementMC will have a comprehensive data center, disasterrecovery site and 125distributedd enrolmentcenters. Apart fromjust monitoring various IT systems (servers and desktops) needsto patchedwith latest updates in order to drive greater efficiency. An unpatched system can become theweakest link and can compromise the security of entire system.The proposed solution for MCshould be able to provide the following capabilities:Patch/Software Update Management: This capability will simplifies the complex task ofdelivering and managing updates(security and non‐security) to IT systems across the MCenterprise. IT administrators will be able to deliver updates of various products, customline‐of‐business applications for various schemes, hardware drivers, and system BIOS toa variety ofdevices—including desktops, laptops, and servers.Software Distribution: MC will have software runningacross 125 enrolment centers.There will be scenarios when a new version of application/ software needs to bedistributed. This capability will simplify the complex task of distributing applications andupdates to desktops, servers, laptops, and mobile devices across MC networks.Asset Management (Software/Hardware Inventory): MC solutionwill havea complexnetwork ofIT systems and ensuring compliance and audits will be complex task. Thiscapability will enable MC solutionto have better control over their IT infrastructure andassets through asset intelligencetechnologies that provide IT administratorscontinuousvisibility into what hardware and softwareassets they have, who is usingthem, andwhere theyare.55


ProjectDocument for SCMA-VolumeI3.17.15Data PlatformAs thissolution will be supportingapproximately 43 different schemes across 9 linedepartments serving more than 5 millionentitlement holders with huge number of transactionssand data volume, the data layer instead of being just a database will needto be enterprise classsdata platform. This data platform should addresss the requirements ofMC at various levelsrangingg from scalability, performance,high availability and go beyond relational database toaddresss functional areas such as Key performancee indicator,data warehouse, and advanceddreporting.3.17.16Data warehouse and ReportingA data warehousee is a repository of anorganization's electronically stored data, designed tofacilitate reportingand analysis. This definition of the data warehouse focuses on data storage.The main source of the data is cleaned, transformed and catalogued andis made available foruse by high level management for data mining, online analytical processing, and decisionsupport.MC is a paradigm shift in howservices will be offered to entitlement holder. A data warehouseewill be required tomeasure the effectiveness of theprogram and get analytical level insight intothe huge amount of data that will be captured while providing the services. End result of thedata warehouse will be to provide dashboard with key performance indicators (KPI).At top level management can get a meaningful dashboard indicating key data points such asschemee wise disbursementpatterns, entitlement holder segmentation, year on year healthhpatterns, gender distributionpattern and so on. From top level a person can drill down todetailedd level of transaction reporting. Detailed utilization andefficiencyof this shall be as perthe specifications of SARAL software.3.18 PPEOPLE ARCHITECTURESSS expect the vendor to create a separate unit/entity within existing management structureexclusively for theoperations as SCMA. The overall roles and responsibilities of such a unitwould amongst other include:56


ProjectDocument for SCMA-VolumeI3.18.11 Management of SCMATo set up the required administrative capacity to meet functional andservice obligations ofSCMAManagement capacities in executionand overseeing of functions ofSCMA while meetingexpected performance requirementsas given inthis RFP.To enforce service and functional guidelines formulated by SSS on other stakeholders andreport on lapses and errors.Formulation ofsuitable management structure for conduct of business of SCMA, with focusono Processs improvements and innovationo Solutiondeliveryo Service provisioningo Strategic planningo Enterprise leverageo Financial Managemento Standards and PoliciesSeparate structure with specific verticals to focus on service delivery, IT infrastructure andservices Management,monitoringof service level adherence. This would involvedevelopmentof separatee management unit with clearly defined functions for variousverticals, rolesand responsibilitiesfor verticalspecific staff.The bidder is expected toprovide a detailed description of his approachin creating such unit along with detaileddorganizationalstructure. The biddershould also provide details on number of entitlementholders to be deployed for various activities andat various levels on both offsite and on site.Initiation of service delivery after formulation ofdetailed business process and workflows aswell as quality monitoring systems for measurementof processes and other qualityparameters. Vendor should get the sign off of SSS on workflows before start ofimplementation. This would require vendor to implement quality improvement//monitoringsystems.Design of administrativesystems based on documentsand artifacts supplied, includingaddressing of all architectural aspects as per therequirements of SSS.3.18.2IT management Planning for efficient administrationof IT, deployment of necessary infrastructure coupledwithsuitable skilled personal for undertakingvarious aspects relating to operations &maintenance and service delivery.57


ProjectDocument for SCMA-VolumeISystem for maintaining informationn security and confidentiality of all records, data andinformation.Formulation ofsupportingpolicy/process framework for managementof IT. Development ofIT governance structure ncluding IT policies and procedures and other polices required forsuccessful conduct of business of SCMA. These includes amongst other1. IT policyfor creation and maintenance of infrastructure2. International Best practices inIT ServicesManagement3. Information security framework and policy4. Quality assurance framework for improvement of overall operations of SCMA5. Other policies and procedures for documentation of support function such asaccounting and finance etc.58


ProjectDocument for SCMA-VolumeI4 SCOPE OF S UPPLYThe scope of supply by the smart card vendor wouldinclude the following:4.1 ELEMENTS1. EnrollmentSoftware2. Document Management System3. Card and ApplicationsManagement System (CAMS)4. Key Management System (KMS) & SAM Cards5. Biometric Management System6. Software Application at Line Departments7. Card Application & Data Structure8. EnrollmentApplicationto enroll Entitlementt Holders9. Middleware to pre‐personalise, personalize, activate and issue Suvidha Cards10. Middleware for Card Management processes11. Middleware for Transaction Management processes12. Applicationfor Smart Card basedService delivery usingHandheld/desktop mobile/fixedTerminals13. System Integration activities14. Integrationn of all of the above with the MCapplicationalready being developed by theSystem Integrator15. Supply of all Hardware (Computer systems/printers/ ups/etc) for components 1 ‐ 6 asdefined above16. Supply of Smart Cards17. Supply of Contact Smart Card Readers18. Supply of Smart Card Personalisation Equipment19. Supply of devices for capturing Photographsdigitally20. Supply of devices for capturing Signatures digitally21. Supply of Fingerprint scanning devices22. Supply of Enrollment & Personalisation services for a period of 5 years23. Supply of Mobile Terminals for Banking Services24. Supply of Banking services for a period of 5 years59


ProjectDocument for SCMA-VolumeI4.2 SPECIFICATIONSThe Software, Hardware and Peripherals to be supplied by the SCMA under the scope of thisRFP shall be as under. In case the bidder feels that some additional equipment would beneededd to enable it to supply the complete solution as proposed – thesame should also beincluded in the proposed supply elements and its specificationsdefined.1. EnrollmentSoftware2. Document Management System3. Card and ApplicationsManagement System (CAMS)4. Key Management System (KMS) & SAM Cards5. Biometric Management System6. Software Application at Line Departments7. Card Application & Data Structure8. EnrollmentApplicationto enroll Entitlementt Holders9. Middleware to pre‐personalise, personalize, activate and issue Suvidha Cards10. Middleware for Card Management processes11. Middleware for Transaction Management processes12. Applicationfor application usage on Handheld/desktopmobile/fixed Terminals13. System Integration activitieso Expectations formthe above systems have already been covered above in thepreceding sections.14. Integrationn of all of the above with the MCapplicationalready being developed by theSystem Integratoro As per requirements defined in this RFP.15. Supply of all Hardware (Computer systems/ /printers/ ups/etc) forcomponents 1 – 6 asdefined aboveo As required to ensure optimal performance of thesoftware system offered by thevendor.16. Supply of Smart Cardso The following are the minimum specifications of theSmart Cards required.60


ProjectDocument for SCMA-VolumeIa.b.c.d.e.f.g.h.i.Microprocessor based Integrated Circuit(s) card with Contacts, withminimum 64 Kbytes available EEPROM for application data or enhancedavailable EEPROM as per guidelines issued by SSS.Compliant to ISO/IEC 7816 1,2,3,Compliant to SCOSTA1.2b Dt. 15 March 2002 with latest addendum anderrataSupply voltage 3V nominal.T=O or T=1 transport protocol.Smart Cards must have data objects at the Master File level as per ISOData Retention minimum 10 years.Min 200,000 EEPROM write cycles.Operating ambient temperaturerange –25Cto +55 C.17. Supply of Contact Smart Card Readerso CCID Complianto SupportISO 7816 Class A, B and C smart cardo 100,0000 insertionsso Full Speed USB 2.0Supporto LEDs indicating activityo In field firmware upgradeableeo Drivers for Windows XP, Windows 7, Linux18. Supply of Smart Card Personalisation Equipmento Supports Color dyesublimation and monochrome thermal transfero Edge toedge printing standardo Integrated ribbon saver for monochromeprintingo Prints at least 150 cards/ hour in YMCKO andupto 1000 cards an hour inmonochrome.o Minimum Printing resolution of 300 dpi.o Compatible with Windows XP, Windows 7, Linuxo Automatic & manual feeder for Card Loading.o USB & Ethernet connectivity.o Possibility to haveInbuilt encoding unitto personalize Contact & Contactless cardseither singularly ortogether in a single passo Should be able touse Full panel YMCKO ribbon, Short Panel YMCKO ribbon &Monochrome ribbons.61


ProjectDocument for SCMA-VolumeIo Should have Password protected access to printer viaprinter and printerr driver.firmwareloaded on19. Supply of devices for capturing Photographsdigitallyo Digital/ /Photographic Requirements ‐ Per ISO 19794‐5 Section7.3, 7.4, 8.3 and 8.4with Section 8.3 ofTechnical Corrigendum 2.o Segmentation and feature extraction should be possiblefor automatic faceRecognition to be used at a later dateo Compression ‐ JPEG 2000 color compression recommended. Compressionratio to beless than 10:1.o Hi‐Speed USB 2.0 certifiedo Auto‐focus with light‐sensoro Software driver support.20. Supply of devices for capturing Signatures digitallyo Large, Easily Used Signature Area (4" x 5"active area).o Built‐in Pen Storage and Tether.o Hot‐Pluggable Tablet (Connect only when needed. Serial and USB versionss available) .o Life of 250,000 + signatures.21. Supply of Fingerprint scanning deviceso Thin optical sensorallowing for plain livescanso 500 dpi@ 8bit perpixelo Uncompressed image also required. Lossless JPEG 2000accepted.o Minutiae Format should be asper ISO 19794‐2.o All 10 fingers to becaptured.o Active area: 13mmm x 20mmo Interface: USB 1.1 and 2.0o Operating temperature: 0°C to +50°Co 1:1 verificationo Verification time < 0.8so Identification time< 1so Tunablefalse acceptance rateo Verify Fingerprint Template as per ISO 19794o Compatible Driversor WSQ compression62


ProjectDocument for SCMA-VolumeI22. Supply of Enrollment & Personalisation services for a period of 5 yearso Description of these services has already been covered above in theprecedingsections.23. Supply of Banking services for a period of 5 yearso Description of these services has already been covered above in theprecedingsections.24. Supply of Mobile Terminals for Banking serviceso Display ‐ Backlit High Resolution graphical LCD with minimumm 8 line display. Shouldsupportmulti‐languageo Battery‐ Lightweight Lithium Ion Batteryo Printer ‐ Thermal Printer witha speed ofupto 10lines/seco Wireless Communication Options: ‐ GSM/GPRS & CDMAo External Serial Port: RS‐232o TCP/IP support preferredo Memory ‐ Minimum 16MB reserved for Applicationusageo Programlanguage ‐ GNU C / C++o Keyboard: backlit with 20 keyso PIN pad‐ secure PIN pad withmemory of 10 primary keyso Physical connectors ‐ 1 RS‐2322 connector and 1 RJ45connectoro Securitymodules ‐ embeddedd 3DES security moduleo SAM card slots ‐ Minimum 1 slot, confirming to ISO7816o Smart Card Reader‐ Atleast 1 number ISO 7816, EMV certifiedo Fingerprint Module ‐ Large Sensor Surface, Grayscale Image Depth:Full 8‐bit,Resolution: 500 dpi, ESD tolerance: IEC 6100 ± 12kV airdischarge, Biometricmatching algorithm25. Additional Specifications ‐ Card Body Specificationso The Card Body shall be of PVC or Composite with ABS with PVC overlaymust haveGlossy surface on the front and the backside of thecard.o The Card Body shall adhere to specifications as laid down in ISO7810 & ISO 7816‐11and shall pass the test conditions as specified in ISO10373‐1.o For easy referencee the dimension of the card and tests are laiddown as under:Card size63


ProjectDocument for SCMA-VolumeIThe following dimensions and tolerances apply to cards under the default testenvironment of 23°C ± 3 °C (73 °F ± 5 °F)and 40 % to 60 % relative humidity.Card dimensions and tolerancesAll points on the edges of the card in the finished state, except for the roundeddcorners, shall fall between two concentric, similarlyaligned rectangles as defined inthe figure below for maximum height and width, and minimum height and width.The corners shall be rounded with a radius as 3.18 mm. Care should be taken toavoid misalignment between the rounded corners and the straight edges of the card.The thickness of a card as defined here applies only to those parts of the cardoutsideof any raised area.Card edgesEdge burrs normal to the card face shall not exceed 0.08 mmm (0.003 in) above thecard surface.BendingstiffnessThe bending stiffness of the ID‐1 size card shall be such that deformations in normaluse (bends not creases) can be removedby the recording or printing device withoutimpairing the function of thecard. The deformation which occurs whenthe card issubjected to the test load as described in ISO/IEC 10373‐1 shall be 35 mm (1.38 in)maximum and 13 mm (0.51 in) minimum. The card shall return to within 1.5 mmm(0.06 in) of its original flat condition within one minute after the load is removed.ToxicityThe card shall present no toxic hazard in the course of normal use.Resistance to chemicalsThe card shall meet the dimensional and warpage requirements, and there shall beno separation of card components after submersion in short term (1 minute)solutions and after submersion in the acid and alkaline artificial perspirationsolutions, for 24 hours.Card dimensionalstability and warpage with temperature andhumidityAfter exposure to the following temperature and relative humidity:Temperature: 35 ° C to 50 °C ( 31 °F to 1222 °F)Relativee humidity: 5 % to 95 %The structural reliability shalll remain in compliancefor dimensions and warpage, asspecified below and clause “Overall Warpage”. Wider temperature rangesdepending64


ProjectDocument for SCMA-VolumeIon the applicationare basedon mutual agreement betweenthe supplier and thecard purchaser.LightThe card and its printed text shall resist deterioration from exposure to lightencountered during normal use.Peel strengthComponent layersof material that formthe card structure shall be bonded to theextent that any layer shall possess minimum peel strength of 0.35 N/mm (2 lbf/in). Ifthe overlay tears during the test, this signifies that the bond is stronger than theoverlay, which is automatically deemed acceptable.Adhesion or blockingWhen finished cards are stacked together, the cards shall show no adverse effectssuch as:The cards should be easily separated by hand.Overall card warpageThe maximum distance from a flat rigid plate to anyportion ofthe convex surface ofan ID‐1size card shall not be greater than 1.5 mm (0.06 in) including the cardthickness.delaminationdiscoloration or colour transferchanges to surfacefinishtransfer of material from one card to anotherdeformationSurfacedistortionsRaised areas shalll not increase the overall card thickness bymore than 0.10 mmm(0.004 in)Contamination and interaction of card componentsThe card material and any material added to the card shall notcontaminate the cardprocessing and interface devices which write and read the card. The card materialshall not contain elements which might migrate into and modify other componentsof the card to such an extent that, during normaluse of thecard, thismaterial islikely tobecome incapable ofmeeting the characteristics specified for it in this seriessof International Standards foridentification cards.Surfaceprofile of contacts65


ProjectDocument for SCMA-VolumeINo point of the IC contact surface shall be higher than 0.10 mmm above orlower than0.10 mmm below the adjacent surface of the card.Ultraviolet lightThe purpose of this test is to determine any adverse effects arising from exposure ofa card test sample to ultraviolet light. After the test theo integrated circuit(s) present in the card shall continuesto show anAnswer toReset response as it was showingbefore thetest.o Any contacts associated with any integrated circuit(s) present in the cardcontinue toshow electrical resistance as it was showingbefore thetest.Electromagnetic fieldsThe purpose of this test is to determine any adverse effect of a static magnetic fieldon a card test sample. After the test theo Integrated circuit(s) present in the card shall continuesto show anAnswer toReset response as it was showingbefore thetest.o Any contacts associated with any integrated circuit(s) present in the cardcontinue toshow electrical resistance as it was showingbefore thetest.Card Sizeo Width – 85.595 ± 0.125 mm;o Height – 53.975 ± 0.055 mm;o Thickness – 0.76 ± 0.08 mm;o Corner radius – 3.18 mm;66


ProjectDocument for SCMA-VolumeI26. Artwork StandardsTheSuvidha Smart Cards shall have a 4 color artwork on both sides of the card. This artworkshall be provided by SSS in a Corel Draw file format. The Corel draw file shall only be issuedto the SCMA selected thruthe bidding process.27. Quality of PrintingTheprinted card shall conform to thefollowing:1. Visual Appearance Testing to verify and confirm the satisfactory printquality ascompared with thestandard reference sample card.2. Light Fastness Test to verify the fade resistance, the printed cards shall be exposedto strong light for a range of different durations upto 72 hours using anAtlas Ci‐35fade‐ometer (type5 Xenon arc lamp). The results will be compared visually with thestandard referencee sample card undergone the same test.3. Abrasion Resistance to compare the protectionagainst mechanical scuffing andrubbing, maintaining the card’s original image quality for longer duration the printedcard shall be subjected to abrasion testing using a Taber Abraserr 1530 testtinstrument fitted with CS10 wheels and 500g total weight perwheel, operated overa number of test durations. The results shall be compared visually with those ofstandard referencee sample card.4.3 PPILOT DEMONSTRATIONNThe Bidders who shall clear the first round of Technical Qualification shall be invited to do aPilot Demonstration of a few key aspectss of the project to demonstrate their understanding andcapability of Managing a project that is both highly complex aswell as technical in nature. Theseepilot demonstration shall be done on a ‘no cost’ basis.The pilot shall be covering the complete businesss life cycle of the Suvidha card system. Thesalient points of the proposedpilot to demonstratee the Multi‐ApplicationCard as envisioned byMC are as below:o Card to have at least 2‐3 applications covering both cash as well non‐cash benefitso The pilot to demonstrate67


ProjectDocument for SCMA-VolumeIa.b.c.d.e.f.Enrollmentof entitlement holders with capture of photographs & Biometricsdemonstrating all proposed validations and checks to prevent duplication.Personalisation of the Smart Cardat siteTransactingwith cardfor bothCash & Non Cash entitlements (BankingInterface)Hotlisting, Blocking & Termination of the Suvidha CardTransactionn Data capturing and Centralised processingGenerationn of a few key MIS Reports.68


ProjectDocument for SCMA-VolumeI5 D E LIVERABLES ANDPROJECTSCHEDULESSS will enter intoa contractt with the successful bidder for setting up of SCM infrastructure.The successful bidder, after entering intocontract, would initiate the necessary studies requiredfor developing infrastructure, application and for conducting data integration and otherrequired studies.5.1 DDELIVERABLESThe deliverables ofthe project would be as follows:• Detailed ProjectPlan and Schedule.• System Requirement Specification Report.• System Analysiss Design Report including ER diagram and User Interfaces.• Solution Architectures viz.,Logical andFunctional Architecture including module description.• Dataa Center Requirementsand Disaster RecoveryCenter Design• Network Design• Disaster Recovery Center.• Setting up of Network and Connectivity• Establish a banking channel for performing banking transactions required under variousschemes.• All Application software (and their updates as released from time to time duringthe periodof the contract)with source codes in two sets, along with source code of third party softwareor any other software used.• All Hardware and peripherals as required and mentioned in this RFP• Suvidha Smart Cards as per the specifications in this RFP• Dataa Integrationn Strategy Report• Dataa Integrationn• Enrollment Services duringthe periodof the contract• CardPersonalisation and Issuance services during the periodof the contract• Banking Services during the period of the contract• HelpDesk Services during the period of the contract• Training to SSS staffDocuments to be provided• UserManual ofthe application(s)69


ProjectDocument for SCMA-VolumeI• Technical Manual of the Application(s), Data Center, Data Recovery Center and Network• Training Manual of SCM Application(s).Project Status Reports – weekly/monthly progress reports summarizing• Results accomplished during each week in Q1 and each month from M4 onwards• Cumulative deviations to date from schedule of progress onactivities• Corrective actions to be taken to return to planned schedulee of progress• Proposed revisions to planned schedule• Other issues and outstanding problems and actions proposed to be takenThe SCMA shall develop data conversionn programs, as requiredfor converting existing data intouploadable format. The Bidder shall perform mock data integrationtests to validate theconversion programs.5.2 TTRAINING TOKEY STAFFOF SSSVendorin consultation with SSS shall develop a detailed training plan for training thestaff of SSSSand Governmentdepartments. This training will be for at least 2 weeks and would be anexecutive training, focusingon details of training of officials of SSS and Governmentdepartments in using SCM application for generating various reports for monitoring and analysisspurposes. Vendor is also required to submit User Manuals as per the requirements of SSS.5.3 UUSER ACCEPTANCE TESTTSSS willl undertakee an exercisee of User Acceptance Test (UAT) of the SCM system as soon as theVendordeclares the system to be readyfor the exercise. SSS reserves the right to engage theservicess of an external agency to test the SCMA System. Any critical bugs identifiedd during theUAT should be fixed by the Implementation Vendorbefore acceptance of the software by SSS.User Acceptance TestingThe primary goal of Testing & Acceptance wouldbe to ensure infrastructure developed byvendor meets requirements,standards, specifications and performanceprescribed by the RFPby ensuring that the followingare associated with clear, quantifiable metrics for accountability:70


ProjectDocument for SCMA-VolumeIa.b.c.d.e.Functional RequirementsPerformanceAvailabilitySecurityManageabilityThe project is tobe designed to meet all functional, non‐functional and managementrequirements as mentioned inthe RFP.Functional RequirementsIndicative functional requirement of SCMsystem is provided in Volume I of the RFP, togetherwith respective deliverablesand a set of standards, wherever applicable. The vendor shallconduct a detailed SRS, get it approved from SSS, and based on it, shall develop the SCMsystem.Performance1.2.3.Performance is that aspect of service, which is measured in terms of throughput andlatency. Higher throughput and lower latency values represent good performance of aservice. Throughput represents the number of servicee requests served. Latency is theround‐trip time between sendinga request and receiving the response.This test process will include the following activities:a.b.c.d.e.f.g.Determination of performance metricsDesigning performance testsDevelopment of workloadPerformance testingIdentification of bottlenecks and providing solutionsDetermining final performance figures.Communication of final results toall stakeholdersFinal outpuof this process would be a sizing guide for the solution tested. The sizingguide will document the details of the performance tests, test data, bottlenecksidentified, and the final performance data.71


ProjectDocument for SCMA-VolumeIAvailability1.2.3.4.High Availability is a key requirement. The project must provide stakeholders withtimely, continuous access to information ‐ all day, every day. Theproject must also beable to rebound or recover from any planned or unplanned system downtime, ensuringa minimal impact on the operations.Availabilityis the quality aspect of whether the service is present or ready forimmediateeuse. Availability represents the probabilitythat a service is available. Larger valuesrepresent that the service is always ready to usewhile smaller values indicateunpredictability of whether the service will be availableat a particular time.Also associated with availability is time‐to‐repair (TTR). TTR represents the time it takesto repair a service thatt has failed.Ideally smaller valuesof TTR are desirable.The availability test would includethe following activitiesa. Designing test for high availability testingb. Execution of high‐availability testsc. Assessment of transaction/data losses in relation to Disaster Recoverysystemd. Communication of final results to all stakeholdersSecurity1.2.Security is the aspect of the service of providing confidentiality and non‐repudiation byauthenticating the parties involved, encrypting messages, and providing access control.The applications canhave different approaches and levels of providing security,depending on the service requester.Security Process will includea.b.c.d.Audit of Network, Server and Application security mechanismsAssessment of authenticationapplication/components/modulesAssessment of data encryption mechanismAssessment of datamechanismsmechanismprovided in theaccess privileges,retention periods and archivalFinal outcome of this process would be a comprehenssive audit report including all theNetwork, Server and Application security features incorporated in the SCMA system.72


ProjectDocument for SCMA-VolumeIManageabilityManageability needs to be a crucial aspect of an Enterprise Solution Implementation, Vendorhas to ensure that the solution deployed has adequate monitoring andtracking features formeasuring the utilization and availabilityof resources. This includes:1.2.3.4.5.6.Remote monitoring ofStatus andStatistics of all high‐level componentsManagement capability to start/stop/restartt services and systemsAuto discovery of all componentsmanageableAuto discovery of all other systemcomponentsAbility to track changes in configuration of the system componentsto help track serviceSystem disruptions73


ProjectDocument for SCMA-VolumeI6 ANNEXURESThe various Annexure provideinformation that theBidders may use to scale and size their bid.The details hereinmay be used to calculate the no of users, entitlement holders, locations,areas of operation etc.74


ProjectDocument for SCMA-VolumeI6.1 AANNEXURE 11 – ESTIMATTED NUMBER OF ENTITLEMENT HOLDERSThe following is a list of District wise estimated number of EntitlementHolders that are to becoveredunder the SCMA Operations.Numbers are expected to change and this is not anabsolute list. For the purpose of this RFP, the minimum number of entitlement holders will betaken as 40 lacs.DistrictsNorthWestSouthNorthEastWestEastSouthWestNorthCentralNewDelhiTotal No.ofHouseholds capturedinphase 1& 2 survey210,489157,517142,639117,174107,43779,58768,05636,1964,924924,019%ageProjectedno. ofvulnerablehouseholdfor phase‐3survey23 113,899 1, ,394,86717 85, 235 1, ,043,83215 77, 184 945,23913 63, 405 776,48812 58, 136 711,9639 43, 066 527,4067 36, 826 450,9934 19, 586 239,8631 2,664Total No. ofIndividual(total no. ofHousehold *4.3(averagesize ofHousehold))32,630100 500,000 6, ,123,282Homeless22,78017,04715,43712,68111,6278,6137,3653,917533100,000Totalprojectedno. ofindividualsincludinghomelesspeople1,417,6471,060,879960,676789,169723,590536,020458,358243,78133,1636,223,282Percentage of Childage < 10years283,529212,176192,135157,834144,718107,20491,67248,7566,6331,244,656Total no.ofindividuals invulnerableecategory1,134,117848,703768,541631,335578,872428,816366,687195,02426,5314,978,62575


Project Document for SCMA- Volume I6.2 ANNEXUREE 2 – LIST OF GOVERNMENT SCHEMES WITH BUDGETED OUTLAY FOOR FY2008‐09Social WelfareWoman & ChildDevelopmentNutritionGeneral EducationSectorOutlayScheme / ProgramOld Age Pension13500National Family Benefit Scheme240Jan Shree Bima Yojana10Scholarship to Disabled Person50Unemployment Allowance for Disabled50Pension to Widows850Fin Assistance to Lactating & Nursing Mothers 20Fin Assistance to Poor Widows for MarriageofDaughters500Supplementaru NutritionProgram2013Kishori Shakti Yojna75Scholarships to Students of Economically WeakerSections120Welfare of Educationally Backward MinorityStudents380Subsidy for School Uniform350076Cash /KindCard UtlisationBank AccountCashCashCashCashCashCashCashPoolEntitlementUtilisationA/c IndividualYesYesYesYesYesYesYesYesYesYesYesYesYesYesYesYesYesYesYesYesYesCash YesYesYesCash YesYesYesCash YesYesYesCash YesYesYesCash YesYesYesCash YesYesYes


Project Document for SCMA- Volume IFree Supply of Text Books2600KindYesNoYesIncentive as Scholarship for promoting educationamongst Girls1Cash NoNoYesWelfare ofSC/ST/OBC/MinoritiesFin Assistance for Stationery to sc/st/etc students 1100KindYesNoYesScholarships to sc/st/minorities students430CashYesYesYesFinancial assistance for self employment70CashYesYesYesHousingNight Shelters60kindNoNoYesNoCivil SuppliesStreamlining of Public Distribution System withFocus upon Below Poverty Line Population199Kind YesYesYesAnnapurna Scheme1KindYesYesYesMedicalMobilevan Dispensaries for JJ clusters346kindNoNoNoDelhi State Health Mission375CashYesYesNoLabour & Labour WelfareDept. of Training & Technical Education16BothYesYesNo(All Outlays mentioned are in Rs. Lacs)This is an indicative list depicting the kind of schemes. Bidders are expected to get the final information of these schemes from the various departments.77


Project Document for SCMA- Volume I6.3 ANNEXUREE 3 – EXPECTEDPERFORMANCE REQUIREMENTSRIN DELIVERING SERVICESServices from SCMAProviding on‐siteenrollment services tothe Entitlement holdersfrom every identified &prescribed locations.Error/discrepancyreports on SCM dataGrievance andcomplaint registrationAvailabilityScalability99% between 8:00 AM – 8:000 PM The number ofMonday thru Saturdayentitlement holders to beenrolled would be asper Annexure 2. Thesystem should be able tocater to the growth rateenvisaged.99% between 9:00 AM ‐– 7:00 PM97% for the remaining time99% between 9:00 AM ‐– 7:00 PM97% for the remaining timeManageabilityManage the systemwith providing forappropriatesupport taking intoconsideration theexpected scalabilityPerformanceReceipt of Smart SuvidhaCard by entitlement holderwithin 15 minutes ofsubmission ofapplication.End of the dayImmediate onReceiptExtendibilityReliability99.9%99.9 %99.8%Action Taken Report ongrievance andcomplaint byEntitlement holder/SSS / State Govt.DepartmentsUpdate Entitlemenholder informationnPreparation andsending of consolidatedStatement ofEnrollments & CardIssuance informationPreparation of variousSCM Managementrelated reports99% between 9:00 AM ‐– 7:00 PM97% for the remaining time99% between 9:00 AM ‐– 7:00 PM97% for the remaining time99% between 9:00 AM ‐– 7:00 PM97% for the remaining time99% between 8:00 AM ‐– 8:00 PM,after 8:00 PM 97%End of the daySame DayEnd of the dayEnd of the day99.8%99.8%99.8%99.8%78


Project Document for SCMA- Volume I6.4 ANNEXUREE 4 – EXPECTEDPERFORMANCE REQUIREMENTSRFROM APPLICATION AND PLATFORMAvailabilityScalabilitySecurityInteroperabilityMaintenancePerformanceExtendibilityReliabilityThe applicationshould be available99% of the timeduring 8 am to 8 pmand 97% during theremaining timeThe number ofentitlementholders to beenrolled wouldbeas per Annexure 2.The system shouldbe able to cater tothe growth rateenvisaged.The system shouldhave strongrole basedaccess control logicbuilt in it.The applicationshould beinteroperablebetween platforms.Followstandard ITmanagementFramework.Response timeshould be nomore than 10seconds for anyquery/posting.Applicationsshould take nomore than 30man days forextension/upgrade/ interfacingforinteroperabilityThe Mean TimeBetween Failureshould be morethan 24*30*3hrsAll routinemaintenancedowntime should beannounced andintimated to the SSSSat least 120 hours inadvance andmaintenance jobshould be donebetween 12 at nightto5 in the morning.The solutionshouldprovide Single‐Sign‐Onfeatures with passwordencryption protocoland / or SAMcards.Should also havecapability toenforcechanging thepasswords at system‐defined intervals.The system shoulduse open standardsfor inter operationsand for datainterchangeThe providershould updatepatches andupgrades to theoperatingsystem withina month ofreleaseThere should beperformancetuning every 6monthsThe systemshould allow forextendibility tonewsoftware/OS/DB.Mean time torepair should beless than 6hoursThe platformfeatures forredundancy/ add ‐The system shouldhave strongrole basedaccess control logicThe application mustallowinteroperabilitywithThird partyAll performancerelated callsfrom users will79


Project Document for SCMA- Volume Ions for redundancyprovided by thesystem should beenabled.built in itsoftware, MCWorkflow and portalapplications.be rectified andclosed within 1months80


Project Document for SCMA- Volume I6.5 ANNEXUREE 5 – EXPECTEDPERFORMANCE REQUIREMENTS FROM HARDWAREAvailabilityScalabilitySecurityInteroperabilityMaintenanceePerformanceExtendibilityReliabilityShould beavailable for 99 %during 8 a.m. to 8p.m and 97% fromduring theremaining time.The number ofentitlementholders to beenrolled would beas per Annexuree 2.The system shouldbe able to cater tothe growth rateenvisaged.The DR siteshould behosted in astronglysecurephysicalenvironment.The serversshould supportthe proposedapplicationserver/databaseserverenvironmentThe vendor shouldhave a qualifiedmaintenancee teamin place comprisingof a network,hardware andplatform (OS)expert.The systemresponse timeshould be no morethan 10 secondsfor anyquery/postingThe systemshould beextendable toallowadditionof storagehardware andexternalstoragedevices withleastdisruption ofoperations.The MeanTimeBetweenFailureshouldbemore than24*30*3 hrsIn case theprimary server isdown, thesecondary servershould be able tohandletransactionswithin the next 2‐5 minutes. Itshould supportthe application tillit gets connectedIt should allowaddition ofprocessing unitsand allow forclustering ofsystems.Compliancewith BS 77999standardsmust beensuredAll hardware,platform ornetworks should becovered underwarranty or serviceagreements withOEM or theirserviceproviders. The initialservice agreementsshould be valid forat least one yearfrom the date ofThere should beperformancetuning of thehardware,softwareanddatabase every 6monthsThe systemshould beextendable toadd newservicedeliverychannel eg.,MobilePhones, PDAetc.Mean timeto repairshouldbeless than 6hours81


Project Document for SCMA- Volume Ito the DR.implementation.The hardwarearchitectureshould not havesingle point offailureIt should allow forstorage ofhardware andexternal storagedevices with leastdisruption ofservicesAll performancerelated calls fromusers will berectified andclosedwithin 1 monthsThere shall be atleast concurrent150 to 300 userslogged to theapplication.Performance mustbe ensured forsuch number ofusers.The systemshould beextendable toadd newstakeholders.All routinemaintenancedowntime shouldbe announced andintimated to theSSS at least 120hours in advanceand themaintenance jobshould be donebetween 12 atnight to 5 in themorning.Maintenanceemethod shouldfollow somestandard ITmanagementframework.82


Project Document for SCMA- Volume I6.6ANNEXURE 6 –– EXPECTED PERFORMANCE REQUIREMENTS FROMNETWORKAvailabilityScalabilitySecurityMaintenanceePerformanceExtendibilityReliabilityTheree should befailsafe mechanisms inplace for the networkand connectivity tothe service providerThe number ofentitlement holdersto be enrolled wouldbe as per Annexure2. The system shouldbe able to cater tothe growth rateenvisaged.Complianceto BS 7799standardsmust beensuredThe network should becovered under warrantyor service agreementswith OEM or theirservice providers. Theinitial serviceagreements should bevalid for at least oneyear from thedate ofimplementation.The networkshould performat promisedperformancelevels at anygivennode ofthe network.Thenetworkcapacity should beextended in notmore than 90 mandaysMean Time betweenFailure(MTBF) shouldbe more than24*30*3Service Availability isthe proportion of timethe service is fullyavailable to the user.This should not be lessthan 99% during 8 amto 8 pm and 97%duringthe remainingtimeThere shouldbe Networksecurity auditat least oncein a yearStandard ITmanagementframework should befollowed.Meant Time toRepair MTTR is thetime taken to repairshould not be morethan 2 hrs fromlogging of call83


Project Document for SCMA- Volume I6.7ANNEXURE 7 –– EXPECTED PERFORMANCE REQUIREMENTS OF PEOPLE ARCHITECTURESCMManagementSupport StaffIT staffAvailabilityProvide single pointof contact on a24X7 basisAppropriatelyqualified, trainedand experiencedpeople for differentverticalsAppropriatelyqualified, trainedand experiencedpeople for differentverticalsScalabilityManpower Planningfor meeting thegrowthNumber of peopleshould be scaled upin accordance withgrowthNumber of peopleshould be scaled upin accordance withgrowthSecurityDevelopment &Implementation ofISMS (InformationSecurityManagementSystem)Must ensure dataPrivacy and securityEnsure trainedprofessionals inplace formanagement ofsecurity and privacyof dataMust sign acontract with SCMAin bindingtosecurity policyMust sign acontract with SCMAin bindingtosecurity policyManageabilityFramework fordevelopment andmanagement of ITinfrastructureFormulation ofbusiness process forservicee deliveryPerformanceAdherence tointernationalstandards forquality monitoringofservice deliveryAdherence toInternational BestPractices in ITservicesManagementReli‐abilityPlan and deployHuman Resourceewith their BackupplansPlan and deployHuman Resourceewith their BackupplansPlan and deployHuman Resourceewith their Backupplans84


Project Document for SCMA- Volume I6.8 ANNEXURE 8 –– PERFORMANCEE METRICS IN OPERATIONS AND MAINTENANCES.No.Service MatrixParametersBase lineLowerPerformanceBreachHigherperformanceeBasis of MeasurementMetricCreditMetricCredit MetricDebitMetric Credit1. Services and Operations RelatedTo Entitlement holders1 Enrolll and GenerateSCM Data and send toMC Workflow backend(including generationof Suvidha Smart cardas perspecifications)Realtime2 Update Entitlementholder’s personalinformation< 1 days3. Completion ofEnrollment ofEntitlement holder 2 days (‐) 31 Morethan 10Minutes(‐) 51 Morethan 30 (‐) 5Minutes4 4‐5 Days2 > 5 Days (‐) 1< 3 5 Measured from the daydaysof receiving ofapplicationNA NA NANA NA Measured from thetime of receivingEntitlement holder’sApplicationNext (‐) 10 Measured from theDaytime of receivingEntitlement holder’sApplication0‐1 Day 5 Measured from thetime complaint/grievance received.85


Project Document for SCMA- Volume IS.No.Service MatrixParametersBase lineLowerPerformanceBreachHigherperformanceeBasis of MeasurementMetricCreditMetricCredit MetricDebitMetric Credit6 Error/ /discrepancyreports on SCM dataEnd of the day5 NextDay1 After2 days (‐) 5NANANA7 ActionTaken Reporton grievance andcomplaint byEntitlement holder.Up to 5 days3 8‐12days1 > 12 days (‐) 1< 4days4Measured from the dayof registrationTo SSSS8 Preparation andsending ofconsolidatedStatement ofEnrollments and CardIssuance informationEnd of the day(Onlinepreferred)5 NextDay1 After2 days (‐) 5NANANA9 Preparation of variousSCM Managementrelated reportsEnd of the day(Onlinepreferred)3 NextDay1 After2 days (‐) 3NANANA10 ActionTaken onGrievance bySSS/PMU/StateDepartment10‐15 Days5 16‐25Days3 > 25 Days (‐) 5< 10Days7Measured from the dayof registration11 Transfer cash toentitlement holdersaccounts within 241 Day0.1 1‐4 Days0.05 Morethan 5days(‐) 0.1< 4 Hrs 0.2Measured from thedate of Request toTransfer Fundshoursof receipt of86


Project Document for SCMA- Volume IS.No.Service MatrixParametersBase lineLowerPerformanceBreachHigherperformanceeBasis of MeasurementMetricCreditMetricCredit MetricDebitMetric Creditfunds12 Doorstep service toidentifiedentitlement holderswithin 2 days oftransfer of funds2 days0.1 2‐7 Days0.05 Morethan 7days(‐) 0.1< 2Days0.2Measured from thedate of Transfer ofFunds to theEntitlement HoldersAccount13 Openholdersentitlementbankaccounts2 days0.1 2‐7 Days0.05 Morethan 7days(‐) 0.1< 2Days0.2Measured from thedate of Request toOpen AccountNote: The credit anddebits shall be netted across rows.Penalties:Vendor is expected to strictly adhere to the Performance Metrics as defined and expected performance requirements provided above, failingwhich, could result in penalties at the discretion of SSS. The set of penalties due tonon‐compliance will be discussed and decided by SSS with theselected bidder.87


Project Document forSCMAVolumeI6.9ANNEXURE 9 – IMMPLEMENTATION SCHEDULETo be providedd by the Bidder and shall form a mandatory part of the Technical Bid.S.No.Activities1) Signing of Contract with successful bidder2)Time for Completion *Dateof Start (T)T + __ Weeks88


Project Document forSCMAVolumeI6.10 ANNEXURE 10 – LLOCATIONS WHERE INFRASTRUCTURE NEEDS TOBE PROVIDEDFor PDS ShopsNumber of DistrictsCircle Office (8 circles per District)Fair Price ShopKeroshin Oil DeportSchoolsDelhi Govt.Govt. Aided SchoolsHospitalssHospitals covered under DANHospitals covered under JSYHospitals covered under RSBYCentral DistricttEast DistrictNorth DistrictNorth West DistrictSouth DistrictSouth West DistrictWest District97232522725932214373777811127732989


Project Document for SCMA Volume IThis page intentionally left blank.90

More magazines by this user
Similar magazines